| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1dpKG6-0005pF-8s@seger.debian.org> Date: Tue, 05 Sep 2017 20:15:42 +0000 From: Salvatore Bonaccorso <carnil@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 3965-1] file security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3965-1 security@...ian.org https://www.debian.org/security/ Salvatore Bonaccorso September 05, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : file CVE ID : CVE-2017-1000249 Thomas Jarosch discovered a stack-based buffer overflow flaw in file, a file type classification tool, which may result in denial of service if an ELF binary with a specially crafted .notes section is processed. For the stable distribution (stretch), this problem has been fixed in version 1:5.30-1+deb9u1. For the unstable distribution (sid), this problem has been fixed in version 1:5.32-1. We recommend that you upgrade your file packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlmvBG1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0S3tA//S/EZiFJ2DfFBkKYFKthu+AOPjMjZS3Seoo5uNBwcqfC3zcpKc5BnjJSs do0J2eKHYxkmVtW5Ox2AhnRlOBTGky3wiS5wFS3LCaeYgjhFt7L6I0VHY09wF9B4 QnkQ6f4r7PJ8/iwKow0XaOrjoE4ClACckaWTpVfFg2oOOZWODSWEoGxQxDEXdsVP DnyY/9TmdRbIhx8OrKJs0oUVQdt6gFguoENvV8zEsTdcJ4trDlFb8t8RcqRWOuWW 8WZ1jeIqDJ31Sl37tItM/AN8MD1STi4Ic9NaDFjAk80iiFBoMxKyfiwWjuZ/d3DX /acoG3XcHLw6V0zB5LBc8HLCqhKrlAqoQ0rFB07+SRr8XGftnRXRT9CuterJcPzp wqgHzvnVL9XsfwZSEAR0yqQAE7Yj6yhEHy4QlPkM6aedO7IIffOE3NvdOBCd46Jg KUKeJZZ4AYH2FcHAzucE9aqdujwfMu/STiPosveA/Z4Kqc3o7ds9nY5N77yynzdH MHzU01lbJBes3+MkfSn9mbGrU6OiB8qUQL0MuOdbB0qAbzYuhJvtzoJ2Pk6PApIX bxDUhQhP5WW1MJ6adOBk0aV6qGLqBaAwbjbMQva0MNmQC01M3IJtR1Su7GCNadU9 +19j1pIJBURMbaHaegidNwLVZudfl+V+uvK8ERgk6RII7MasSJk= =suKv -----END PGP SIGNATURE-----
Powered by blists - more mailing lists