SciLinux: CVE-2007-2799 file SL5.x, SL4.x i386/x86_64
Summary
Date: Fri, 1 Jun 2007 15:54:01 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for file on SL5.x, SL4.x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: file security updateIssue date: 2007-05-30CVE Names: CVE-2007-2799The fix for CVE-2007-1536 introduced a new integer underflow flaw in thefile utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799)SL 4.x SRPMS: file-4.10-3.0.2.el4.src.rpm i386: file-4.10-3.0.2.el4.i386.rpm x86_64: file-4.10-3.0.2.el4.x86_64.rpmSL 5.x SRPMS: file-4.17-9.0.1.el5.src.rpm i386: file-4.17-9.0.1.el5.i386.rpm x86_64: file-4.17-9.0.1.el5.x86_64.rpm-Connie Sieh-Troy Dawson