Your message dated Mon, 02 Apr 2007 12:02:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#416678: fixed in file 4.17-5etch1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: file
Version: 4.12-1, 4.17-5
Severity: grave
Justification: user security hole
Tags: security, patch, etch, sarge
>From http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536:
Integer underflow in the file_printf function in the "file" program
before 4.20 allows user-assisted attackers to execute arbitrary code
via a file that triggers a heap-based buffer overflow.
Patch from RedHat/Ubuntu:
http://bugzilla.redhat.com/bugzilla/attachment.cgi?id=150541
Sorry, I wasn't able to test it, since I haven't found any PoC exploit
yet, but since the bug was announced this year (Changelog for 4.20)
and the last uploads for Sarge and Etch were last year or earlier, I
assume that the bug is in Sarge as well as in Etch. Sid already has
upstream version 4.20 which is fixed.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.33.2-1-dphys-k8-smp-64gb
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages file depends on:
ii libc6 2.3.2.ds1-22sarge5 GNU C Library: Shared libraries an
ii libmagic1 4.12-1 File type determination library us
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: file
Source-Version: 4.17-5etch1
We believe that the bug you reported is fixed in the latest version of
file, which is due to be installed in the Debian FTP archive:
file_4.17-5etch1.diff.gz
to pool/main/f/file/file_4.17-5etch1.diff.gz
file_4.17-5etch1.dsc
to pool/main/f/file/file_4.17-5etch1.dsc
file_4.17-5etch1_i386.deb
to pool/main/f/file/file_4.17-5etch1_i386.deb
libmagic-dev_4.17-5etch1_i386.deb
to pool/main/f/file/libmagic-dev_4.17-5etch1_i386.deb
libmagic1_4.17-5etch1_i386.deb
to pool/main/f/file/libmagic1_4.17-5etch1_i386.deb
python-magic_4.17-5etch1_i386.deb
to pool/main/f/file/python-magic_4.17-5etch1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Baumann <[EMAIL PROTECTED]> (supplier of updated file package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 29 Mar 2007 20:28:00 +0200
Source: file
Binary: libmagic1 file libmagic-dev python-magic
Architecture: source i386
Version: 4.17-5etch1
Distribution: testing-security
Urgency: high
Maintainer: Michael Piefel <[EMAIL PROTECTED]>
Changed-By: Daniel Baumann <[EMAIL PROTECTED]>
Description:
file - Determines file type using "magic" numbers
libmagic-dev - File type determination library (development)
libmagic1 - File type determination library using "magic" numbers
python-magic - Python binding for the magic library
Closes: 415362 416678
Changes:
file (4.17-5etch1) testing-security; urgency=high
.
* Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to
fix integer underflow in file_printf which can lead to to exploitable heap
overflow CVE-2007-1536 (Closes: #415362, #416678).
Files:
951d84ef18e8738d58cda73d1680ce66 693 utils standard file_4.17-5etch1.dsc
50919c65e0181423d66bb25d7fe7b0fd 556270 utils standard file_4.17.orig.tar.gz
ef79b92b6d0d4af9985200abb3eb24f5 24145 utils standard file_4.17-5etch1.diff.gz
e016c717ba5d75feede13eeeab5f7cf3 31714 utils standard file_4.17-5etch1_i386.deb
73727e6a1bee1b2050fe7d010fb832d2 275476 libs standard
libmagic1_4.17-5etch1_i386.deb
cb34870b1e90d01a8cf7894b8b2b3559 53782 libdevel optional
libmagic-dev_4.17-5etch1_i386.deb
d4f1bd064d6531149b5b643b102bf1da 22632 python extra
python-magic_4.17-5etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGDAWr+C5cwEsrK54RAn77AJ42x2xTNTSdoRzeYvksNarsEfGZiQCeJ156
1RYSbzo2MyFh++yQYwPbi4s=
=2di1
-----END PGP SIGNATURE-----
--- End Message ---
