Change logs for file source package in Vivid
-
file (1:5.20-1ubuntu2) vivid; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/apprentice.c, src/file.c, src/file.h, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h.in, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number * debian/libmagic1.symbols: added new symbols -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 08:28:35 -0500 -
file (1:5.20-1ubuntu1) vivid; urgency=low * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build. file (1:5.20-1) unstable; urgency=low * New upstream version 5.20. Addresses: - more audio/video formats. Closes: #762561 - relax dis-detection of Perl scripts as AWK, part of #698569 * Update the syntax of the Build-Profiles field. Closes: #764218 file (1:5.19-2) unstable; urgency=high * urgency set to high to address a security problem * Cherry-pick upstream commit 0641e56 to fix CVE-2014-3587 -- Michael Vogt <email address hidden> Thu, 30 Oct 2014 15:02:08 +0100 -
file (1:5.19-1ubuntu1.1) utopic-security; urgency=medium * SECURITY UPDATE: buffer underflow in CDF file identification - debian/patches/CVE-2014-3587.patch: modify src/cdf.c to detect and abort on buffer underflows. - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 27 Aug 2014 23:29:53 -0700
