Change log for file package in Ubuntu
1 → 75 of 134 results | First • Previous • Next • Last |
Published in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
file (1:5.45-3build1) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 07:35:22 +0000
Available diffs
- diff from 1:5.45-3 (in Debian) to 1:5.45-3build1 (534 bytes)
file (1:5.45-3) unstable; urgency=medium * Cherry-pick "Recognize unified diff output". Closes: #1063522 -- Christoph Biedl <email address hidden> Fri, 01 Mar 2024 18:30:40 +0100
Available diffs
- diff from 1:5.45-2 to 1:5.45-3 (3.9 KiB)
- diff from 1:5.45-2.1 to 1:5.45-3 (2.4 KiB)
Superseded in noble-proposed |
file (1:5.45-2.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1063113 -- Benjamin Drung <email address hidden> Fri, 01 Mar 2024 11:59:20 +0000
Available diffs
- diff from 1:5.45-2 to 1:5.45-2.1 (2.2 KiB)
file (1:5.41-3ubuntu0.1) jammy-security; urgency=medium * SECURITY UPDATE: buffer over-read in file_copystr - debian/patches/CVE-2022-48554.patch: don't use strlcpy to copy the string in src/funcs.c. - CVE-2022-48554 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 13:59:06 -0400
Available diffs
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
file (1:5.45-2) unstable; urgency=medium * Upload to unstable -- Christoph Biedl <email address hidden> Sun, 03 Sep 2023 11:40:05 +0200
Available diffs
- diff from 1:5.44-3 to 1:5.45-2 (158.4 KiB)
Superseded in noble-release |
Published in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
file (1:5.44-3) unstable; urgency=medium * Cherry-pick fixes related to APK file detection -- Christoph Biedl <email address hidden> Sat, 28 Jan 2023 19:17:20 +0100
Available diffs
- diff from 1:5.44-2 to 1:5.44-3 (2.3 KiB)
file (1:5.44-2) unstable; urgency=medium * Cherry-pick several commits to improve the detection of APK files. Closes: #849782 -- Christoph Biedl <email address hidden> Sun, 15 Jan 2023 19:15:20 +0100
Available diffs
- diff from 1:5.41-4 to 1:5.44-2 (220.5 KiB)
- diff from 1:5.44-1 to 1:5.44-2 (4.5 KiB)
file (1:5.44-1) unstable; urgency=medium * New upstream version 5.44 * Cherry-pick "Pyzip improvements". Closes: #1026976 * Detect smali files -- Christoph Biedl <email address hidden> Tue, 10 Jan 2023 21:39:37 +0100
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
file (1:5.41-4) unstable; urgency=medium * Use the just-built file executable only if it exists -- Christoph Biedl <email address hidden> Sun, 24 Apr 2022 12:49:37 +0200
Available diffs
- diff from 1:5.41-3 to 1:5.41-4 (619 bytes)
Superseded in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
file (1:5.41-3) unstable; urgency=medium * Cherry-pick commit to avoid mis-detection of .dbf as executable -- Christoph Biedl <email address hidden> Thu, 24 Mar 2022 18:07:09 +0100
Available diffs
Superseded in jammy-proposed |
file (1:5.41-2build1) jammy; urgency=medium * No-change rebuild for ppc64el baseline bump. -- Ćukasz 'sil2100' Zemczak <email address hidden> Wed, 23 Mar 2022 14:52:05 +0100
Available diffs
- diff from 1:5.41-2 (in Debian) to 1:5.41-2build1 (325 bytes)
file (1:5.41-2) unstable; urgency=medium * Upload to unstable -- Christoph Biedl <email address hidden> Fri, 19 Nov 2021 19:16:34 +0100
Available diffs
- diff from 1:5.39-3build1 (in Ubuntu) to 1:5.41-2 (170.8 KiB)
Superseded in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
Deleted in impish-proposed (Reason: Moved ot jammy) |
file (1:5.39-3build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:11:31 +0200
Available diffs
- diff from 1:5.39-3 (in Debian) to 1:5.39-3build1 (315 bytes)
Superseded in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
file (1:5.39-3) unstable; urgency=medium * Upload to unstable -- Christoph Biedl <email address hidden> Thu, 19 Nov 2020 22:21:06 +0100
Available diffs
- diff from 1:5.38-5 to 1:5.39-3 (62.9 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
file (1:5.38-5) unstable; urgency=medium * Change default for name/use to 50. Closes: #928009 * Fix regression in detection of troff files. Closes: #949878 -- Christoph Biedl <email address hidden> Sat, 16 May 2020 21:55:21 +0200
Available diffs
- diff from 1:5.38-4 to 1:5.38-5 (2.5 KiB)
file (1:5.32-2ubuntu0.4) bionic-security; urgency=medium * SECURITY REGRESSION: truncated interpreter name (LP: #1835596) - debian/patches/CVE-2019-8905_8907.patch: updated to use correct length in src/readelf.c. -- Marc Deslauriers <email address hidden> Tue, 12 May 2020 09:31:09 -0400
Available diffs
file (1:5.25-2ubuntu1.4) xenial-security; urgency=medium * SECURITY REGRESSION: truncated interpreter name (LP: #1835596) - debian/patches/CVE-2019-8905_8907.patch: updated to use correct length in src/readelf.c. -- Marc Deslauriers <email address hidden> Tue, 12 May 2020 09:33:55 -0400
Available diffs
- diff from 1:5.25-2ubuntu1.3 to 1:5.25-2ubuntu1.4 (732 bytes)
Superseded in groovy-release |
Published in focal-release |
Deleted in focal-proposed (Reason: moved to Release) |
file (1:5.38-4) unstable; urgency=medium * Use the just-built file executable when running several debhelper programs. Closes: #948619 * Explicitly disable seccomp support. Closes: #948522 -- Christoph Biedl <email address hidden> Thu, 16 Jan 2020 21:39:11 +0100
Available diffs
file (1:5.37-6ubuntu1) focal; urgency=medium * No-change upload to prevent autosync of file 1:5.38-2, see #948269 -- Graham Inggs <email address hidden> Mon, 06 Jan 2020 11:15:02 +0000
Available diffs
file (5.09-2ubuntu0.8) precise-security; urgency=medium [ Marc Deslauriers ] * SECURITY UPDATE: buffer overflow via CDF_VECTOR elements - debian/patches/CVE-2019-18218.patch: limit the number of elements in a vector in src/cdf.*. - CVE-2019-18218 -- <email address hidden> (Leonidas S. Barbosa) Thu, 31 Oct 2019 11:42:33 -0300
Available diffs
file (1:5.25-2ubuntu1.3) xenial-security; urgency=medium * SECURITY UPDATE: buffer overflow via CDF_VECTOR elements - debian/patches/CVE-2019-18218.patch: limit the number of elements in a vector in src/cdf.*. - CVE-2019-18218 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2019 12:51:38 -0400
Available diffs
file (1:5.32-2ubuntu0.3) bionic-security; urgency=medium * SECURITY UPDATE: buffer overflow via CDF_VECTOR elements - debian/patches/CVE-2019-18218.patch: limit the number of elements in a vector in src/cdf.*. - CVE-2019-18218 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2019 12:50:19 -0400
Available diffs
file (1:5.35-4ubuntu0.1) disco-security; urgency=medium * SECURITY UPDATE: buffer overflow via CDF_VECTOR elements - debian/patches/CVE-2019-18218.patch: limit the number of elements in a vector in src/cdf.*. - CVE-2019-18218 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2019 12:49:38 -0400
Available diffs
file (1:5.37-5ubuntu0.1) eoan-security; urgency=medium * SECURITY UPDATE: buffer overflow via CDF_VECTOR elements - debian/patches/CVE-2019-18218.patch: limit the number of elements in a vector in src/cdf.*. - CVE-2019-18218 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2019 12:47:32 -0400
Available diffs
file (1:5.37-6) unstable; urgency=high * Cherry-pick commit to restrict the number of CDF_VECTOR elements. Closes: #942830 [CVE-2019-18218] -- Christoph Biedl <email address hidden> Tue, 22 Oct 2019 21:05:34 +0200
Available diffs
- diff from 1:5.37-5 to 1:5.37-6 (1.2 KiB)
Superseded in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to release) |
file (1:5.37-5) unstable; urgency=medium * Re-disable seccomp support, not feasible. Closes: #932480, #932481, #932762, #932947 -- Christoph Biedl <email address hidden> Fri, 26 Jul 2019 16:20:28 +0200
Available diffs
- diff from 1:5.35-4 to 1:5.37-5 (143.6 KiB)
- diff from 1:5.37-4 to 1:5.37-5 (1.3 KiB)
file (1:5.37-4) unstable; urgency=medium * Cherry-pick two commits that fine-tune seccomp handling * Allow syscalls make by libfakeroot. Closes: #932762 -- Christoph Biedl <email address hidden> Tue, 23 Jul 2019 01:34:12 +0200
Available diffs
- diff from 1:5.37-3 to 1:5.37-4 (1.8 KiB)
file (1:5.37-3) unstable; urgency=medium * Cherry-pick "Always support the --no-sandbox option" -- Christoph Biedl <email address hidden> Fri, 19 Jul 2019 23:33:03 +0200
Available diffs
- diff from 1:5.37-2 to 1:5.37-3 (1.8 KiB)
file (1:5.37-2) unstable; urgency=medium * New upstream version 5.37, upload to unstable * Refine seccomp support. Closes: #931985 * Cherry-pick "Add lzma decompression support" * Cherry-pick "Add lzma and bzip built-in decompression support" -- Christoph Biedl <email address hidden> Fri, 19 Jul 2019 16:18:13 +0200
file (1:5.25-2ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: overflows in do_core_note - debian/patches/CVE-2019-8905_8907.patch: limit size of file_printable in src/file.h, src/funcs.c, src/readelf.c, src/softmagic.c. - CVE-2019-8905 - CVE-2019-8907 -- Marc Deslauriers <email address hidden> Wed, 13 Mar 2019 12:49:55 -0400
Available diffs
file (1:5.34-2ubuntu0.1) cosmic-security; urgency=medium * SECURITY UPDATE: buffer over-read in do_bid_note - debian/patches/CVE-2019-8904-pre.patch: correct error handling for file_printf() in src/readelf.c. - debian/patches/CVE-2019-8904.patch: avoid non-nul-terminated string read in src/readelf.c. - CVE-2019-8904 * SECURITY UPDATE: overflows in do_core_note - debian/patches/CVE-2019-8905_8907.patch: limit size of file_printable in src/file.h, src/funcs.c, src/readelf.c, src/softmagic.c. - CVE-2019-8905 - CVE-2019-8907 * SECURITY UPDATE: out-of-bounds read in do_core_note - debian/patches/CVE-2019-8906.patch: add bounds check in src/readelf.c. - CVE-2019-8906 -- Marc Deslauriers <email address hidden> Wed, 13 Mar 2019 11:58:20 -0400
Available diffs
file (1:5.32-2ubuntu0.2) bionic-security; urgency=medium * SECURITY UPDATE: overflows in do_core_note - debian/patches/CVE-2019-8905_8907.patch: limit size of file_printable in src/file.h, src/funcs.c, src/readelf.c, src/softmagic.c. - CVE-2019-8905 - CVE-2019-8907 * SECURITY UPDATE: out-of-bounds read in do_core_note - debian/patches/CVE-2019-8906.patch: add bounds check in src/readelf.c. - CVE-2019-8906 -- Marc Deslauriers <email address hidden> Wed, 13 Mar 2019 12:43:04 -0400
Available diffs
Superseded in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
file (1:5.35-4) unstable; urgency=medium * Cherry-pick fix for JSON detection. Closes: 922874 -- Christoph Biedl <email address hidden> Sat, 02 Mar 2019 08:05:54 +0100
Available diffs
- diff from 1:5.35-2 to 1:5.35-4 (28.3 KiB)
file (1:5.35-2) unstable; urgency=medium * Upload to unstable * Clarify manpage: seccomp is disabled for the time being (#917930) -- Christoph Biedl <email address hidden> Fri, 11 Jan 2019 17:26:27 +0100
Available diffs
- diff from 1:5.34-2 to 1:5.35-2 (46.5 KiB)
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
file (1:5.34-2) unstable; urgency=medium * Cherry-pick from upstream: Handle [elf] files without program headers gracefully. Closes: #882310 -- Christoph Biedl <email address hidden> Sun, 05 Aug 2018 19:53:19 +0200
Available diffs
- diff from 1:5.33-3 to 1:5.34-2 (75.9 KiB)
file (1:5.14-2ubuntu3.4) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via large number of notes or long string - debian/patches/CVE-2014-962x-pre*.patch: backport pre-requisite code changes. - debian/patches/CVE-2014-962x-1.patch: add a limit to the number of ELF notes processed in doc/file.man, doc/libmagic.man, src/apprentice.c, src/elfclass.h, src/file.c, src/file.h, src/file_opts.h, src/magic.c, src/magic.h.in, src/readelf.c. - debian/patches/CVE-2014-962x-2.patch: limit string printing to 100 chars, and add flags in src/readelf.c. - CVE-2014-9620 - CVE-2014-9621 * SECURITY UPDATE: denial of service via crafted ELF file - debian/patches/CVE-2014-9653.patch: bail out on partial reads in src/readelf.c. - CVE-2014-9653 * SECURITY UPDATE: memory corruption in file_check_mem. - debian/patches/CVE-2015-8865.patch: properly calculate length in src/funcs.c. - CVE-2015-8865 * SECURITY UPDATE: out-of-bounds read via crafted ELF file - debian/patches/CVE-2018-10360.patch: add bounds check to src/readelf.c. - CVE-2018-10360 -- Marc Deslauriers <email address hidden> Wed, 13 Jun 2018 14:45:30 -0400
Available diffs
file (1:5.32-2ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: out-of-bounds read via crafted ELF file - debian/patches/CVE-2018-10360.patch: add bounds check to src/readelf.c. - CVE-2018-10360 -- Marc Deslauriers <email address hidden> Wed, 13 Jun 2018 13:09:39 -0400
Available diffs
file (1:5.32-1ubuntu0.1) artful-security; urgency=medium * SECURITY UPDATE: out-of-bounds read via crafted ELF file - debian/patches/CVE-2018-10360.patch: add bounds check to src/readelf.c. - CVE-2018-10360 -- Marc Deslauriers <email address hidden> Wed, 13 Jun 2018 13:11:07 -0400
Available diffs
file (1:5.25-2ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: out-of-bounds read via crafted ELF file - debian/patches/CVE-2018-10360.patch: add bounds check to src/readelf.c. - CVE-2018-10360 -- Marc Deslauriers <email address hidden> Wed, 13 Jun 2018 13:11:41 -0400
Available diffs
file (1:5.33-3) unstable; urgency=high * Avoid reading past the end of buffer. Closes: #901351 [CVE-2018-10360] -- Christoph Biedl <email address hidden> Mon, 11 Jun 2018 22:52:24 +0200
Available diffs
- diff from 1:5.33-2 to 1:5.33-3 (910 bytes)
file (1:5.33-2) unstable; urgency=medium * Recognize ia64 and amd64 COFF files. Closes: #877643 * Disable erroneous DBPF detection that breaks SQLite and some more. Closes: 897153 -- Christoph Biedl <email address hidden> Sun, 29 Apr 2018 12:13:32 +0200
Available diffs
- diff from 1:5.32-2 to 1:5.33-2 (93.8 KiB)
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
file (1:5.32-2) unstable; urgency=medium * No longer ship python-magic libraries, they are now provided by src:python-magic -- Christoph Biedl <email address hidden> Tue, 13 Feb 2018 21:43:38 +0100
Available diffs
- diff from 1:5.32-1 to 1:5.32-2 (3.4 KiB)
file (1:5.29-3ubuntu0.1) zesty-security; urgency=medium * SECURITY UPDATE: buffer overflow when processing elf files - debian/patches/CVE-2017-1000249.patch: correct logic of size check - CVE-2017-1000249 -- Steve Beattie <email address hidden> Thu, 07 Sep 2017 11:09:08 -0700
Available diffs
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
file (1:5.32-1) unstable; urgency=high * New upstream version 5.32 -- Christoph Biedl <email address hidden> Mon, 04 Sep 2017 18:20:35 +0200
Available diffs
- diff from 1:5.31-1 to 1:5.32-1 (25.3 KiB)
file (1:5.31-1) unstable; urgency=medium * New upstream version 5.31 -- Christoph Biedl <email address hidden> Sun, 06 Aug 2017 17:29:56 +0200
Available diffs
- diff from 1:5.30-1 to 1:5.31-1 (99.5 KiB)
file (1:5.30-1) unstable; urgency=high * New upstream version 5.30 * Cherry-pick commits that fix issues found by oss-fuzz * Revert new features introduced since 1:5.29-3 -- Christoph Biedl <email address hidden> Sat, 29 Apr 2017 10:57:11 +0200
Available diffs
- diff from 1:5.29-3 to 1:5.30-1 (40.3 KiB)
Superseded in artful-release |
Obsolete in zesty-release |
Deleted in zesty-proposed (Reason: moved to release) |
file (1:5.29-3) unstable; urgency=medium * Restore full local.support-local-definitions-in-etc-magic patch. Closes: #852476 * Include all upstream commits since the 5.29 release * Improve detection of Flash data. Closes: #838860 -- Christoph Biedl <email address hidden> Thu, 26 Jan 2017 00:29:24 +0100
Available diffs
- diff from 1:5.29-2 to 1:5.29-3 (17.4 KiB)
file (1:5.29-2) unstable; urgency=medium * Include all upstream commits since the 5.29 release. Addresses: - Detect compiled YARA rules. Closes: #833872 - Detect old Word for Mac documents. Closes: #842117 * Disable detection of Algol68 files, way too many false positives -- Christoph Biedl <email address hidden> Tue, 13 Dec 2016 16:06:43 +0100
Available diffs
- diff from 1:5.28-2ubuntu1 (in Ubuntu) to 1:5.29-2 (52.6 KiB)
- diff from 1:5.29-1 to 1:5.29-2 (9.5 KiB)
file (1:5.29-1) unstable; urgency=medium * New upstream version 5.28. Addresses (in order of appearance): - "no read permission" if read from empty pipe. Closes: #508963 - Mistakes hungarian text as dos executables. Closes: #641012 - Does not recognize some GPG key public rings. Closes: #729286 - Show more information for MySQL files. Closes: #751826 - Linux kernel version string truncated. Closes: #756949 - Document file's '-d' option. Closes: #764462 - Detect JPEG-XR. Closes: #771303 - Detect Material exchange container format (mxf). Closes: #782744 - Strengthen detection of Embedded OpenType (EOT). Closes: #784572 - Mistakes some text as bitmap. Closes: #799352 - Dectect swp files from nano, vim, and kate. Closes: #803219 - Mistakes some SVG files as HTML. Closes: #829199 * Fix FTCBFS: Remove stage1 profile in favour of a proper arch/indep split. Thanks Helmut Grohne. Closes: #841030 -- Christoph Biedl <email address hidden> Tue, 25 Oct 2016 21:09:24 +0200
Superseded in zesty-release |
Obsolete in yakkety-release |
Deleted in yakkety-proposed (Reason: moved to release) |
file (1:5.28-2ubuntu1) yakkety; urgency=medium * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build.
Available diffs
- diff from 1:5.25-2ubuntu1 to 1:5.28-2ubuntu1 (95.6 KiB)
Superseded in yakkety-release |
Published in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
file (1:5.25-2ubuntu1) xenial; urgency=medium * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build.
Available diffs
- diff from 1:5.22+15-2ubuntu1 to 1:5.25-2ubuntu1 (492.4 KiB)
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
file (1:5.22+15-2ubuntu1) wily; urgency=medium * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build. * Dropped patches included in new version: - debian/patches/CVE-2014-3710.patch - debian/patches/CVE-2014-8116.patch - debian/patches/CVE-2014-8117.patch - debian/patches/pr398-truncate-pascal-strings.patch
Available diffs
- diff from 1:5.20-1ubuntu2 to 1:5.22+15-2ubuntu1 (486.0 KiB)
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
file (1:5.20-1ubuntu2) vivid; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/apprentice.c, src/file.c, src/file.h, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h.in, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number * debian/libmagic1.symbols: added new symbols -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 08:28:35 -0500
Available diffs
file (1:5.19-1ubuntu1.2) utopic-security; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/apprentice.c, src/file.c, src/file.h, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h.in, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number * debian/libmagic1.symbols: added new symbols -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 08:50:57 -0500
Available diffs
file (5.03-5ubuntu1.5) lucid-security; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/file.{c,h}, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 10:35:33 -0500
Available diffs
file (1:5.14-2ubuntu3.3) trusty-security; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/apprentice.c, src/file.c, src/file.h, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h.in, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number * debian/libmagic1.symbols: added new symbols -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 09:23:18 -0500
Available diffs
file (5.09-2ubuntu0.6) precise-security; urgency=medium * SECURITY UPDATE: DoS via insufficient note headers - debian/patches/CVE-2014-3710.patch: handle running out of not headers in src/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: DoS in ELF parser - debian/patches/CVE-2014-8116.patch: limit number of headers and capabilities in src/elfclass.h, src/readelf.c. - CVE-2014-8116 * SECURITY UPDATE: DoS via missing recursion limits - debian/patches/CVE-2014-8117.patch: lower recursion level and allow it to be set from the command line in src/file.{c,h}, src/file_opts.h, src/funcs.c, src/magic.c, src/magic.h, src/softmagic.c, add new option to documentation in doc/file.man, doc/libmagic.man. - CVE-2014-8117 * SECURITY UPDATE: DoS via long pascal strings - debian/patches/pr398-truncate-pascal-strings.patch: correctly calculate size in src/softmagic.c. - No CVE number -- Marc Deslauriers <email address hidden> Tue, 27 Jan 2015 10:10:29 -0500
Available diffs
file (1:5.20-1ubuntu1) vivid; urgency=low * Merge from Debian unstable. Remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build.
Available diffs
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
file (1:5.19-1ubuntu1.1) utopic-security; urgency=medium * SECURITY UPDATE: buffer underflow in CDF file identification - debian/patches/CVE-2014-3587.patch: modify src/cdf.c to detect and abort on buffer underflows. - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 27 Aug 2014 23:29:53 -0700
Available diffs
file (1:5.14-2ubuntu3.2) trusty-security; urgency=medium * SECURITY UPDATE: buffer underflow in CDF file identification - debian/patches/CVE-2014-3587.patch: modify src/cdf.c to detect and abort on buffer underflows. - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 27 Aug 2014 23:33:26 -0700
Available diffs
- diff from 1:5.14-2ubuntu3.1 to 1:5.14-2ubuntu3.2 (881 bytes)
file (5.09-2ubuntu0.5) precise-security; urgency=medium * SECURITY UPDATE: buffer underflow in CDF file identification - debian/patches/CVE-2014-3587.patch: modify src/cdf.c to detect and abort on buffer underflows. - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 27 Aug 2014 23:34:57 -0700
Available diffs
- diff from 5.09-2ubuntu0.4 to 5.09-2ubuntu0.5 (864 bytes)
file (5.03-5ubuntu1.4) lucid-security; urgency=medium * SECURITY UPDATE: buffer underflow in CDF file identification - debian/patches/CVE-2014-3587.patch: modify src/cdf.c to detect and abort on buffer underflows. - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 27 Aug 2014 23:36:31 -0700
Available diffs
- diff from 5.03-5ubuntu1.3 to 5.03-5ubuntu1.4 (792 bytes)
file (5.09-2ubuntu0.4) precise-security; urgency=medium * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in magic/Magdir/commands. - CVE-2013-7345 * SECURITY UPDATE: denial of service in cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in src/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in src/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2014-3538.patch: allow specifying lengths for regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust existing expressions in magic/Magdir/commands, magic/Magdir/fortran, magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific, magic/Magdir/troff, update manpage in doc/magic.man. - CVE-2014-3538 -- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 12:00:51 -0400
Available diffs
file (5.03-5ubuntu1.3) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in magic/Magdir/commands. - CVE-2013-7345 * SECURITY UPDATE: denial of service in cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in src/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3487 -- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 12:20:21 -0400
Available diffs
file (5.11-2ubuntu4.3) saucy-security; urgency=medium * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in magic/Magdir/commands. - CVE-2013-7345 * SECURITY UPDATE: denial of service in cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in src/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in src/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2014-3538.patch: allow specifying lengths for regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust existing expressions in magic/Magdir/commands, magic/Magdir/fortran, magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific, magic/Magdir/troff, update manpage in doc/magic.man. - CVE-2014-3538 * debian/patches/commands-strength.patch: reduce strength of awk rule so it doesn't get priority over perl scripts. -- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 11:56:29 -0400
Available diffs
file (1:5.14-2ubuntu3.1) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2013-7345.patch: limit to 100 repetitions in magic/Magdir/commands. - CVE-2013-7345 * SECURITY UPDATE: denial of service in cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in src/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in src/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in src/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service via awk rule backtracking - debian/patches/CVE-2014-3538.patch: allow specifying lengths for regex in src/apprentice.c, src/file.h, src/softmagic.c, adjust existing expressions in magic/Magdir/commands, magic/Magdir/fortran, magic/Magdir/graphviz, magic/Magdir/marc21, magic/Magdir/scientific, magic/Magdir/troff, update manpage in doc/magic.man. - CVE-2014-3538 * debian/patches/commands-strength.patch: reduce strength of awk rule so it doesn't get priority over perl scripts. -- Marc Deslauriers <email address hidden> Thu, 10 Jul 2014 09:40:56 -0400
Available diffs
file (1:5.19-1ubuntu1) utopic; urgency=medium * Merge with Debian; remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build. - Recognize python3.4 byte code.
Available diffs
- diff from 1:5.18-1ubuntu1 to 1:5.19-1ubuntu1 (54.4 KiB)
file (1:5.18-1ubuntu1) utopic; urgency=medium * Merge with Debian; remaining changes: - Adjust python build dependencies for cross builds. - Allow the package to cross-build. - Recognize python3.4 byte code. * Dropped upstreamed patches: - debian/patches/CVE-2014-2270.patch - debian/patches/CVE-2013-1943.patch
Available diffs
- diff from 1:5.14-2ubuntu3 to 1:5.18-1ubuntu1 (246.1 KiB)
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
file (1:5.14-2ubuntu3) trusty; urgency=medium * SECURITY UPDATE: denial of service via crafted offset in PE executable - debian/patches/CVE-2014-2270.patch: check bounds in src/softmagic.c. - CVE-2014-2270 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 13:27:40 -0400
Available diffs
file (5.11-2ubuntu0.2) quantal-security; urgency=medium * SECURITY UPDATE: denial of service via crafted offset in PE executable - debian/patches/CVE-2014-2270.patch: check bounds in src/softmagic.c. - CVE-2014-2270 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 13:32:55 -0400
Available diffs
file (5.09-2ubuntu0.3) precise-security; urgency=medium * SECURITY UPDATE: denial of service via crafted offset in PE executable - debian/patches/CVE-2014-2270.patch: check bounds in src/softmagic.c. - CVE-2014-2270 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 13:34:02 -0400
Available diffs
file (5.03-5ubuntu1.2) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via crafted offset in PE executable - debian/patches/CVE-2014-2270.patch: check bounds in src/softmagic.c. - CVE-2014-2270 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 13:35:22 -0400
Available diffs
file (5.11-2ubuntu4.2) saucy-security; urgency=medium * SECURITY UPDATE: denial of service via crafted offset in PE executable - debian/patches/CVE-2014-2270.patch: check bounds in src/softmagic.c. - CVE-2014-2270 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 13:32:25 -0400
Available diffs
file (1:5.14-2ubuntu2) trusty; urgency=medium * SECURITY UPDATE: denial of service via crafted indirect offset value - debian/patches/CVE-2013-1943.patch: properly handle recursion in src/ascmagic.c, src/file.h, src/funcs.c, src/softmagic.c. - CVE-2013-1943 -- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 11:23:34 -0500
Available diffs
file (5.09-2ubuntu0.2) precise-security; urgency=medium * SECURITY UPDATE: denial of service via crafted CDF file - debian/patches/CVE-2012-1571.patch: - CVE-2012-1571 * SECURITY UPDATE: denial of service via crafted indirect offset value - debian/patches/CVE-2013-1943.patch: properly handle recursion in src/ascmagic.c, src/file.h, src/funcs.c, src/softmagic.c. - CVE-2013-1943 -- Marc Deslauriers <email address hidden> Wed, 26 Feb 2014 10:10:03 -0500
Available diffs
1 → 75 of 134 results | First • Previous • Next • Last |