file 5.11-2ubuntu4.3 source package in Ubuntu
Changelog
file (5.11-2ubuntu4.3) saucy-security; urgency=medium
* SECURITY UPDATE: denial of service via awk rule backtracking
- debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in
magic/Magdir/commands.
- CVE-2013-7345
* SECURITY UPDATE: denial of service in cdf_read_short_sector
- debian/patches/CVE-2014-0207.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-0207
* SECURITY UPDATE: denial of service in mconvert
- debian/patches/CVE-2014-3478.patch: properly handle truncated pascal
string size in src/softmagic.c.
- CVE-2014-3478
* SECURITY UPDATE: denial of service in cdf_check_stream_offset
- debian/patches/CVE-2014-3479.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3479
* SECURITY UPDATE: denial of service in cdf_count_chain
- debian/patches/CVE-2014-3480.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3480
* SECURITY UPDATE: denial of service in cdf_read_property_info
- debian/patches/CVE-2014-3487.patch: properly calculate sizes in
src/cdf.c.
- CVE-2014-3487
* SECURITY UPDATE: denial of service via awk rule backtracking
- debian/patches/CVE-2014-3538.patch: allow specifying lengths for
regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust
existing expressions in magic/Magdir/commands, magic/Magdir/fortran,
magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific,
magic/Magdir/troff, update manpage in doc/magic.man.
- CVE-2014-3538
* debian/patches/commands-strength.patch: reduce strength of awk rule so
it doesn't get priority over perl scripts.
-- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 11:56:29 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Saucy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| file_5.11.orig.tar.xz | 433.7 KiB | 4a7c047666cf54dce00f2c5a32a6379f94203e5c886fc294bab449c1a1ae286b |
| file_5.11-2ubuntu4.3.debian.tar.xz | 32.1 KiB | fd449aac9bcd3da76140271cd8abf4a19949db34f4190a0bcd7108b6855a2e3d |
| file_5.11-2ubuntu4.3.dsc | 2.2 KiB | e9a21afdbe27efb6df598a312ad86d1a2eb66801d2461d2fe45f5f8d26d6a3e3 |
Available diffs
Binary packages built by this source
- file: No summary available for file in ubuntu saucy.
No description available for file in ubuntu saucy.
- libmagic-dev: No summary available for libmagic-dev in ubuntu saucy.
No description available for libmagic-dev in ubuntu saucy.
- libmagic1: No summary available for libmagic1 in ubuntu saucy.
No description available for libmagic1 in ubuntu saucy.
- python-magic: No summary available for python-magic in ubuntu saucy.
No description available for python-magic in ubuntu saucy.
- python3-magic: No summary available for python3-magic in ubuntu saucy.
No description available for python3-magic in ubuntu saucy.
