MDVSA-2009:129
- Nom du paquet
- file
- Date
- 2009-06-05
- Advisory ID
- MDVSA-2009:129
- Affected versions
- 2009.1 i586 , 2009.1 x86_64
Problem description
A security vulnerability has been identified and fixed in file:
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c
in Christos Zoulas file 5.00 allows user-assisted remote attackers
to execute arbitrary code via a crafted compound document file,
as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these
details are obtained from third party information (CVE-2009-1515).
This update provides file-5.03, which is not vulnerable to this,
and other unspecified issues.
Updated packages
2009.1 i586
714210b7d1f8229a42ad3a74140b56c0 2009.1/i586/file-5.03-2.1mdv2009.1.i586.rpm 22c6a4a5dfd408194d4bc1f675078db1 2009.1/i586/libmagic1-5.03-2.1mdv2009.1.i586.rpm 06514afdf86b584c4ffab7cfe5f27071 2009.1/i586/libmagic-devel-5.03-2.1mdv2009.1.i586.rpm a21c00a45b081ae2f27e6e060df13fa8 2009.1/i586/libmagic-static-devel-5.03-2.1mdv2009.1.i586.rpm 1b433b429b9199afa97f2a5df547815c 2009.1/i586/python-magic-5.03-2.1mdv2009.1.i586.rpm 140b8ffc12d337d70a317a3c1599ab12 2009.1/SRPMS/file-5.03-2.1mdv2009.1.src.rpm
2009.1 x86_64
dde9982f605e023a9b07dc9933d10a10 2009.1/x86_64/file-5.03-2.1mdv2009.1.x86_64.rpm 004adbba8f58328c07ee3d1c8d2651a0 2009.1/x86_64/lib64magic1-5.03-2.1mdv2009.1.x86_64.rpm a693e89d97dca93c8fba466cab5c9576 2009.1/x86_64/lib64magic-devel-5.03-2.1mdv2009.1.x86_64.rpm 750e3d4d11365b315b3134c07bb432da 2009.1/x86_64/lib64magic-static-devel-5.03-2.1mdv2009.1.x86_64.rpm 77f8329b8a06c038f1c23c837cff756c 2009.1/x86_64/python-magic-5.03-2.1mdv2009.1.x86_64.rpm 140b8ffc12d337d70a317a3c1599ab12 2009.1/SRPMS/file-5.03-2.1mdv2009.1.src.rpm