Bug#823794: jessie-pu: package file/1:5.22+15-2+deb8u2
Control: tags -1 + pending
On Sat, 2016-05-14 at 18:05 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Mon, 2016-05-09 at 08:31 +0200, Christoph Biedl wrote:
> > the stable security team suggested to fix CVE-2015-8865¹ in the
> > file package via a point relase.
> >
> > Description: "Buffer over-write in finfo_open with malformed magic
> > file". If a magic file is unter attacker's control, this can be abused
> > to crash file.
>
> Please go ahead.
Recently uploaded; flagged for acceptance.
Regards,
Adam
Reply to: