What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-b5de855e94
2018-06-28 13:33:04.633361
--------------------------------------------------------------------------------Name        : file
Product     : Fedora 27
Version     : 5.31
Release     : 12.fc27
URL         : http://www.darwinsys.com/file/
Summary     : A utility for determining file types
Description :
The file command is used to identify a particular file according to the
type of data contained by the file.  File can identify many different
file types, including ELF binaries, system libraries, RPM packages, and
different graphics formats.

--------------------------------------------------------------------------------Update Information:

- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)
--------------------------------------------------------------------------------ChangeLog:

* Wed Jun 13 2018 Kamil Dudka  - 5.31-12
- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)
* Wed Apr 18 2018 Kamil Dudka  - 5.31-11
- increase strength of GIF to beat MBR (#1515180)
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1590002 - CVE-2018-10360 file: out-of-bounds read via a crafted ELF file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1590002
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-b5de855e94' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPDABXIPURFX4SC3LBZH44CG2CJP26SL/

Fedora 27: file Security Update

June 28, 2018
- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)

Summary

The file command is used to identify a particular file according to the

type of data contained by the file. File can identify many different

file types, including ELF binaries, system libraries, RPM packages, and

different graphics formats.

- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)

* Wed Jun 13 2018 Kamil Dudka - 5.31-12

- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)

* Wed Apr 18 2018 Kamil Dudka - 5.31-11

- increase strength of GIF to beat MBR (#1515180)

[ 1 ] Bug #1590002 - CVE-2018-10360 file: out-of-bounds read via a crafted ELF file [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1590002

su -c 'dnf upgrade --advisory FEDORA-2018-b5de855e94' at the command

line. For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPDABXIPURFX4SC3LBZH44CG2CJP26SL/

FEDORA-2018-b5de855e94 2018-06-28 13:33:04.633361 Product : Fedora 27 Version : 5.31 Release : 12.fc27 URL : http://www.darwinsys.com/file/ Summary : A utility for determining file types Description : The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. - fix out-of-bounds read via a crafted ELF file (CVE-2018-10360) * Wed Jun 13 2018 Kamil Dudka - 5.31-12 - fix out-of-bounds read via a crafted ELF file (CVE-2018-10360) * Wed Apr 18 2018 Kamil Dudka - 5.31-11 - increase strength of GIF to beat MBR (#1515180) [ 1 ] Bug #1590002 - CVE-2018-10360 file: out-of-bounds read via a crafted ELF file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1590002 su -c 'dnf upgrade --advisory FEDORA-2018-b5de855e94' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPDABXIPURFX4SC3LBZH44CG2CJP26SL/

Change Log

References

Update Instructions

Severity
Product : Fedora 27
Version : 5.31
Release : 12.fc27
URL : http://www.darwinsys.com/file/
Summary : A utility for determining file types

Related News

X.Org DoS, Code Execution Vulns Fixed

Aug 3, 2023

Linux Kernel DoS, Code Execution, Info Disclosure Vulns Fixed

Jul 6, 2023

PHP Vuln Threatens Confidentiality of Impacted Systems

May 11, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo