Bug#823794: jessie-pu: package file/1:5.22+15-2+deb8u2

To: 823794@bugs.debian.org
Cc: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Subject: Bug#823794: jessie-pu: package file/1:5.22+15-2+deb8u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 17 Jun 2016 22:44:55 +0100
Message-id: <[🔎] 1466199895.3864.23.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 823794@bugs.debian.org
In-reply-to: <1463245502.6062.23.camel@adam-barratt.org.uk>
References: <1462775037@msgid.manchmal.in-ulm.de> <1463245502.6062.23.camel@adam-barratt.org.uk>

Control: tags -1 + pending

On Sat, 2016-05-14 at 18:05 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2016-05-09 at 08:31 +0200, Christoph Biedl wrote:
> > the stable security team suggested to fix CVE-2015-8865¹ in the
> > file package via a point relase.
> > 
> > Description: "Buffer over-write in finfo_open with malformed magic
> > file". If a magic file is unter attacker's control, this can be abused
> > to crash file.
> 
> Please go ahead.

Recently uploaded; flagged for acceptance.

Regards,

Adam

Reply to:

Prev by Date: Re: [Stretch] Status for architecture qualification
Next by Date: Processed: Re: Bug#823794: jessie-pu: package file/1:5.22+15-2+deb8u2
Previous by thread: Processed: tagging 827160
Next by thread: Processed: Re: Bug#823794: jessie-pu: package file/1:5.22+15-2+deb8u2
Index(es):
- Date
- Thread