ELSA-2016-0760

ELSA-2016-0760 - file security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2016-05-12

Description


[5.04-30]
- fix CVE-2014-3538 (unrestricted regular expression matching)

[5.04-29]
- fix #1284826 - try to read ELF header to detect corrupted one

[5.04-28]
- fix #1263987 - fix bugs found by coverity in the patch

[5.04-27]
- fix CVE-2014-3587 (incomplete fix for CVE-2012-1571)
- fix CVE-2014-3710 (out-of-bounds read in elf note headers)
- fix CVE-2014-8116 (multiple DoS issues (resource consumption))
- fix CVE-2014-8117 (denial of service issue (resource consumption))
- fix CVE-2014-9620 (limit the number of ELF notes processed)
- fix CVE-2014-9653 (malformed elf file causes access to uninitialized memory)

[5.04-26]
- fix #809898 - add support for detection of Python 2.7 byte-compiled files

[5.04-25]
- fix #1263987 - fix coredump execfn detection on ppc64 and s390

[5.04-24]
- fix #966953 - include msooxml file in magic.mgc generation

[5.04-23]
- fix #966953 - increate the strength of MSOOXML magic patterns

[5.04-22]
- fix #1169509 - add support for Java 1.7 and 1.8
- fix #1243650 - comment out too-sensitive Pascal magic
- fix #1080453 - remove .orig files from magic directory
- fix #1161058 - add support for EPUB
- fix #1162149 - remove parts of patches patching .orig files
- fix #1154802 - fix detection of zip files containing file named 'mime'
- fix #1246073 - fix detection UTF8 and UTF16 encoded XML files
- fix #1263987 - add new 'execfn' to coredump output to show the real name of
executable which generated the coredump
- fix #809898 - add support for detection of Python 3.2-3.5 byte-compiled files
- fix #966953 - backport support for MSOOXML


Related CVEs


CVE-2014-3538
CVE-2014-3587
CVE-2014-3710
CVE-2014-8116
CVE-2014-8117
CVE-2014-9653
CVE-2014-9620

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) file-5.04-30.el6.src.rpm7d484780df158fa46b3dadae3dbf8027ELBA-2019-4569
file-5.04-30.el6.i686.rpme261e10b5f7e0fffb1735d82cb841899ELBA-2019-4569
file-devel-5.04-30.el6.i686.rpm177edb048efa67d3bda2af24beb47244ELBA-2019-4569
file-libs-5.04-30.el6.i686.rpm0e96af8227b6ecfc58105189113bf92cELBA-2019-4569
file-static-5.04-30.el6.i686.rpm76d87b94d72c987872290c0066f02d0eELBA-2019-4569
python-magic-5.04-30.el6.i686.rpm73b3e889179072ca6a86b5f4cf7d49a0ELBA-2019-4569
Oracle Linux 6 (x86_64) file-5.04-30.el6.src.rpm7d484780df158fa46b3dadae3dbf8027ELBA-2019-4569
file-5.04-30.el6.x86_64.rpm40f96fbfcd5e1e0f25e758a287d07e95ELBA-2019-4569
file-devel-5.04-30.el6.i686.rpm177edb048efa67d3bda2af24beb47244ELBA-2019-4569
file-devel-5.04-30.el6.x86_64.rpmcddb81bd3b67d5f72158ba06b0f64575ELBA-2019-4569
file-libs-5.04-30.el6.i686.rpm0e96af8227b6ecfc58105189113bf92cELBA-2019-4569
file-libs-5.04-30.el6.x86_64.rpm023c7a6e2ed9830522c478e4cfa2f0caELBA-2019-4569
file-static-5.04-30.el6.x86_64.rpm60c29090d816408b034b280a2099ffeaELBA-2019-4569
python-magic-5.04-30.el6.x86_64.rpm7162e086d04c465a219bc6d831aae2eeELBA-2019-4569



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete