file (5.03-5ubuntu1.5) lucid-security; urgency=medium
* SECURITY UPDATE: DoS via insufficient note headers
- debian/patches/CVE-2014-3710.patch: handle running out of not headers
in src/readelf.c.
- CVE-2014-3710
* SECURITY UPDATE: DoS in ELF parser
- debian/patches/CVE-2014-8116.patch: limit number of headers and
capabilities in src/elfclass.h, src/readelf.c.
- CVE-2014-8116
* SECURITY UPDATE: DoS via missing recursion limits
- debian/patches/CVE-2014-8117.patch: lower recursion level and allow
it to be set from the command line in src/file.{c,h},
src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h,
src/softmagic.c, add new option to documentation in
doc/file.man, doc/libmagic.man.
- CVE-2014-8117
Date: 2015-01-27 15:46:29.226971+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/file/5.03-5ubuntu1.5
Sorry, changesfile not available.
--
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes