Package : file Version : 5.04-5+squeeze10 CVE ID : CVE-2014-9653 Debian Bug : 777585 This update fixes the following issue in the file package: CVE-2014-9653 readelf.c does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
Attachment:
signature.asc
Description: Digital signature