[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 204-1] file security update

Package        : file
Version        : 5.04-5+squeeze10
CVE ID         : CVE-2014-9653
Debian Bug     : 777585

This update fixes the following issue in the file package:


    readelf.c does not consider that pread calls sometimes read only
    a subset of the available data, which allows remote attackers to
    cause a denial of service (uninitialized memory access) or
    possibly have unspecified other impact via a crafted ELF file.

Attachment: signature.asc
Description: Digital signature

Reply to: