MGASA-2019-0118
- Source
- https://advisories.mageia.org/MGASA-2019-0118.html
- Import Source
- https://advisories.mageia.org/MGASA-2019-0118.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2019-0118
- Related
- Published
- 2019-03-29T15:51:06Z
- Modified
- 2019-03-29T15:22:18Z
- Summary
- Updated file packages fix security vulnerabilities
- Details
-
The updated file packages fix security vulnerabilities:
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. (CVE-2019-8905)
docorenote in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. (CVE-2019-8907)
- References
-
- https://advisories.mageia.org/MGASA-2019-0118.html
- https://bugs.mageia.org/show_bug.cgi?id=24498
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JG7FM7W3R4C4P5R4PFNBYEGTQHASG2O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5DKJLTXLQCKG4GQNC5JUDGVGAJAJJ2K3/
- https://lists.suse.com/pipermail/sle-security-updates/2019-March/005176.html
- https://usn.ubuntu.com/3911-1/
- https://lists.opensuse.org/opensuse-updates/2019-03/msg00076.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / file
Package
- Name
- file
- Purl
- pkg:rpm/mageia/file?distro=mageia-6