[SECURITY] [DSA 3196-1] file security update

2015-03-18T00:00:00
ID SECURITYVULNS:DOC:31799
Type securityvulns
Reporter Securityvulns
Modified 2015-03-18T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA-3196-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 18, 2015 http://www.debian.org/security/faq


Package : file CVE ID : CVE-2014-9653

Hanno Boeck discovered that file's ELF parser is suspectible to denial of service.

For the stable distribution (wheezy), this problem has been fixed in version 5.11-2+deb7u8.

For the upcoming stable distribution (jessie), this problem has been fixed in version 1:5.22+15-1.

For the unstable distribution (sid), this problem has been fixed in version 1:5.22+15-1.

We recommend that you upgrade your file packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIcBAEBAgAGBQJVCbyJAAoJEBDCk7bDfE42mSgP/01JqiSn3bJ/H5V76iqokzXB j9ot35Oqx2viFuzbACOb11tp6WpSvdnrZXW761nMOwiQi0MNk88Zo+IwAATAtVjG P8CuptSsbzhMej82JZkq9hIIYO8HJh0dEznnu6sSAV7gq3gTnM+h8HhJqkMSWIFP g//H753nm2eHhOuH9yyG8BT6ovUkRpEh5SuYLCVFc9h0vqshRYTd+Mnqj8hw2VfS FFRibDD9cMDkx3EAMGH53c3TWne23u9XHFBPNwqogiWh6pCQ3LncnNpv1jBFVN23 w0To4M4ycMN3qDoP9or4QNu/7MCEzVkAW3Ev8TrNErEqYsLIBadoNvpssRoBwrof hzE0WjI0738TsqtGDbVA0xjPQ4toZowICPhTcp/u3rzJruLh+2XoTulMcnLO1q8g G1eJuiGTDnE6CliBCinDvyNc35iD8rYEZ9gkHqN7D2OnBno7Rbd4sKi1T8HfmqYT 2lXQ4KVg928Kp/hjk5LLao3zFFGWgZYEoZ9/Kn6huERDk0UNID7S5veEGM7eaxR7 /G+bUeDheVEPCC5NvX93YrQzf62q+PPxPQhjSL4PCAKJPU0ql7C7PNxOAkZlpuHe 4VxjmIr8nnL9a32SX1zIhfPiKFJ7B6JcdEMsiiXw7o5jnnkXGUUguXtx8R3j1LwA SkxqwdRZ/wPS8arfSzMG =c6H6 -----END PGP SIGNATURE-----