- Package name
- Advisory ID
- Affected versions
- MBS1 x86_64
Updated file packages fix security vulnerabilities:
A flaw was found in the way file parsed property information from
Composite Document Files (CDF) files, where the mconvert() function did
not correctly compute the truncated pascal string size (CVE-2014-3478).
Multiple flaws were found in the way file parsed property information
from Composite Document Files (CDF) files, due to insufficient boundary
checks on buffers (CVE-2014-3479, CVE-2014-3480, CVE-2014-3487).
Note: these issues were announced as part of the upstream PHP 5.4.30
release, as PHP bundles file's libmagic library. Their announcement
also references an issue in CDF file parsing, CVE-2014-0207, which
was previously fixed in the file package in MGASA-2014-0252, but was
not announced at that time.
8e1ee8abafa844ed407f0f0b7d9281ee mbs1/x86_64/file-5.12-1.3.mbs1.x86_64.rpm 021a9c59681a806162833049a01431fe mbs1/x86_64/lib64magic1-5.12-1.3.mbs1.x86_64.rpm cee7091c00002276d3e6377f601f331f mbs1/x86_64/lib64magic-devel-5.12-1.3.mbs1.x86_64.rpm eb0fdbb60d79014687c102681eec6cfd mbs1/x86_64/lib64magic-static-devel-5.12-1.3.mbs1.x86_64.rpm 5da77e303c85b116d20a34ab7fa76263 mbs1/x86_64/python-magic-5.12-1.3.mbs1.noarch.rpm 4b842d4eeff485db6e50cd120c56990b mbs1/SRPMS/file-5.12-1.3.mbs1.src.rpm