Stay Secure with the Latest Linux Advisories

security advisorycriticalFedora

Fedora 27: FEDORA-2018-b5de855e94 Critical: Out-Of-Bounds Read Issue

- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-b5de855e94 2018-06-28 13:33:04.633361 --------------------------------------------------------------------------------Name : file Product : Fedora 27 Version : 5.31 Release : 12.fc27 URL : https://www.darwinsys.com/file/ Summary : A utility for determining file types Description : The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. --------------------------------------------------------------------------------Update Information: - fix out-of-bounds read via a crafted ELF file (CVE-2018-10360) --------------------------------------------------------------------------------ChangeLog: * Wed Jun 13 2018 Kamil Dudka - 5.31-12 - fix out-of-bounds read via a crafted ELF file (CVE-2018-10360) * Wed Apr 18 2018 Kamil Dudka - 5.31-11 - increase strength of GIF to beat MBR (#1515180) --------------------------------------------------------------------------------References: [ 1 ] Bug #1590002 - CVE-2018-10360 file: out-of-bounds read via a crafted ELF file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1590002 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-b5de855e94' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/UPDABXIPURFX4SC3LBZH44CG2CJP26SL/ . Keep informed about the pivotal security patch for Fedora 27, addressing a buffer overflow vulnerability arising from specially designed ELF files.. Fedora 27 security update,file command fix,elf file exploit,out-of-bounds fix,security patch. . Severity: Critical. LinuxSecurity.com Team

Jun 28, 2018 •Critical Fedora