Parent Directory
| 
Revision Log
MGASA-2019-0118: file-5.25-5.2.mga6
| 1 | type: security |
| 2 | subject: Updated file packages fix security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2019-8905 |
| 5 | - CVE-2019-8907 |
| 6 | src: |
| 7 | 6: |
| 8 | core: |
| 9 | - file-5.25-5.2.mga6 |
| 10 | description: | |
| 11 | The updated file packages fix security vulnerabilities: |
| 12 | |
| 13 | do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based |
| 14 | buffer over-read, related to file_printable, a different vulnerability |
| 15 | than CVE-2018-10360. (CVE-2019-8905) |
| 16 | |
| 17 | do_core_note in readelf.c in libmagic.a in file 5.35 allows remote |
| 18 | attackers to cause a denial of service (stack corruption and application |
| 19 | crash) or possibly have unspecified other impact. (CVE-2019-8907) |
| 20 | references: |
| 21 | - https://bugs.mageia.org/show_bug.cgi?id=24498 |
| 22 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JG7FM7W3R4C4P5R4PFNBYEGTQHASG2O/ |
| 23 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5DKJLTXLQCKG4GQNC5JUDGVGAJAJJ2K3/ |
| 24 | - https://lists.suse.com/pipermail/sle-security-updates/2019-March/005176.html |
| 25 | - https://usn.ubuntu.com/3911-1/ |
| 26 | - https://lists.opensuse.org/opensuse-updates/2019-03/msg00076.html |
| 27 | ID: MGASA-2019-0118 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |