You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa file

Sigurnosni nedostatak programskog paketa file

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-2876
2014-02-21 23:49:56
——————————————————————————–

Name : file
Product : Fedora 19
Version : 5.11
Release : 12.fc19
URL : http://www.darwinsys.com/file/
Summary : A utility for determining file types
Description :
The file command is used to identify a particular file according to the
type of data contained by the file. File can identify many different
file types, including ELF binaries, system libraries, RPM packages, and
different graphics formats.

——————————————————————————–
Update Information:

Fix for CVE-2014-1943.
——————————————————————————–
ChangeLog:

* Tue Feb 18 2014 Jan Kaluza <jkaluza@redhat.com> – 5.11-12
– fix #1065837 – fix for CVE-2014-1943
* Thu Aug 22 2013 Jan Kaluza <jkaluza@redhat.com> – 5.11-11
– fix #985072 – add support for journald files
* Mon Jun 17 2013 Jan Kaluza <jkaluza@redhat.com> – 5.11-10
– build python-magic as noarch
– fix netpbm detection
——————————————————————————–
References:

[ 1 ] Bug #1065836 – CVE-2014-1943 file: infinite recursion
https://bugzilla.redhat.com/show_bug.cgi?id=1065836
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update file’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorMarijo Plepelic
Cert idNCERT-REF-2014-03-0007-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskih paketa python2.6, python2.7, python3.2 i python3.3

Otkriveni su sigurnosni nedostaci u programskim paketima python2.6, python2.7, python3.2 i python3.3. Otkriveni nedostatak je uzrokovan neispravnim rukovanjem s veličinom...

Close