Parent Directory | Revision Log
MGASA-2019-0118: file-5.25-5.2.mga6
1 | type: security |
2 | subject: Updated file packages fix security vulnerabilities |
3 | CVE: |
4 | - CVE-2019-8905 |
5 | - CVE-2019-8907 |
6 | src: |
7 | 6: |
8 | core: |
9 | - file-5.25-5.2.mga6 |
10 | description: | |
11 | The updated file packages fix security vulnerabilities: |
12 | |
13 | do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based |
14 | buffer over-read, related to file_printable, a different vulnerability |
15 | than CVE-2018-10360. (CVE-2019-8905) |
16 | |
17 | do_core_note in readelf.c in libmagic.a in file 5.35 allows remote |
18 | attackers to cause a denial of service (stack corruption and application |
19 | crash) or possibly have unspecified other impact. (CVE-2019-8907) |
20 | references: |
21 | - https://bugs.mageia.org/show_bug.cgi?id=24498 |
22 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JG7FM7W3R4C4P5R4PFNBYEGTQHASG2O/ |
23 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5DKJLTXLQCKG4GQNC5JUDGVGAJAJJ2K3/ |
24 | - https://lists.suse.com/pipermail/sle-security-updates/2019-March/005176.html |
25 | - https://usn.ubuntu.com/3911-1/ |
26 | - https://lists.opensuse.org/opensuse-updates/2019-03/msg00076.html |
27 | ID: MGASA-2019-0118 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |