Your message dated Sat, 17 Sep 2016 13:08:06 +0100 with message-id <1474114086.2011.126.camel@adam-barratt.org.uk> and subject line Closing p-u bugs for updates in 8.6 has caused the Debian Bug report #823794, regarding jessie-pu: package file/1:5.22+15-2+deb8u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 823794: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823794 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: jessie-pu: package file/1:5.22+15-2+deb8u2
- From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
- Date: Mon, 9 May 2016 08:31:53 +0200
- Message-id: <1462775037@msgid.manchmal.in-ulm.de>
Package: release.debian.org Severity: normal Tags: jessie User: release.debian.org@packages.debian.org Usertags: pu Hello release team, the stable security team suggested to fix CVE-2015-8865¹ in the file package via a point relase. Description: "Buffer over-write in finfo_open with malformed magic file". If a magic file is unter attacker's control, this can be abused to crash file. The debdiff is attached. Regards, Christoph ¹https://security-tracker.debian.org/tracker/CVE-2015-8865 -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.4.9 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)diff -Nru file-5.22+15/debian/changelog file-5.22+15/debian/changelog --- file-5.22+15/debian/changelog 2015-09-13 18:27:47.000000000 +0200 +++ file-5.22+15/debian/changelog 2016-05-09 08:23:30.000000000 +0200 @@ -1,3 +1,10 @@ +file (1:5.22+15-2+deb8u2) stable; urgency=high + + * Fix CVE-2015-8865: + Buffer over-write in finfo_open with malformed magic file. + + -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de> Mon, 09 May 2016 08:18:53 +0200 + file (1:5.22+15-2+deb8u1) stable; urgency=medium * Fix handling of file's --parameter option. Closes: #798410 diff -Nru file-5.22+15/debian/patches/CVE-2015-8865.6713ca4.patch file-5.22+15/debian/patches/CVE-2015-8865.6713ca4.patch --- file-5.22+15/debian/patches/CVE-2015-8865.6713ca4.patch 1970-01-01 01:00:00.000000000 +0100 +++ file-5.22+15/debian/patches/CVE-2015-8865.6713ca4.patch 2016-05-09 08:17:17.000000000 +0200 @@ -0,0 +1,24 @@ +Subject: Buffer over-write in finfo_open with malformed magic file +ID: CVE-2015-8865 +Upstream-Author: Christos Zoulas <christos@zoulas.com> +Author: Christos Zoulas <christos@zoulas.com> +Date: Wed Jun 3 18:01:20 2015 +0000 +Origin: FILE5_22-75-g6713ca4 +Origin: https://bugs.php.net/bug.php?id=71527 (Original bug report) +Origin: http://bugs.gw.com/view.php?id=522 (bug report for file) + + [ Original description: ] + PR/454: Fix memory corruption when the continuation level jumps by more than + 20 in a single step. + +--- a/src/funcs.c ++++ b/src/funcs.c +@@ -401,7 +401,7 @@ + size_t len; + + if (level >= ms->c.len) { +- len = (ms->c.len += 20) * sizeof(*ms->c.li); ++ len = (ms->c.len = 20 + level) * sizeof(*ms->c.li); + ms->c.li = CAST(struct level_info *, (ms->c.li == NULL) ? + malloc(len) : + realloc(ms->c.li, len)); diff -Nru file-5.22+15/debian/patches/series file-5.22+15/debian/patches/series --- file-5.22+15/debian/patches/series 2015-09-13 18:26:26.000000000 +0200 +++ file-5.22+15/debian/patches/series 2016-05-09 08:10:53.000000000 +0200 @@ -12,3 +12,4 @@ 0013-jpeg.c5d7f4d.patch cherry-pick.FILE5_24-22-g27b4e34.parameter-1.patch cherry-pick.FILE5_24-23-g4ddb783.parameter-2.patch +CVE-2015-8865.6713ca4.patchAttachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: 807654-done@bugs.debian.org, 823794-done@bugs.debian.org, 823911-done@bugs.debian.org, 824658-done@bugs.debian.org, 825512-done@bugs.debian.org, 825534-done@bugs.debian.org, 825699-done@bugs.debian.org, 826335-done@bugs.debian.org, 826348-done@bugs.debian.org, 826429-done@bugs.debian.org, 826443-done@bugs.debian.org, 826568-done@bugs.debian.org, 826607-done@bugs.debian.org, 826622-done@bugs.debian.org, 826662-done@bugs.debian.org, 826714-done@bugs.debian.org, 826829-done@bugs.debian.org, 827046-done@bugs.debian.org, 827054-done@bugs.debian.org, 827058-done@bugs.debian.org, 827111-done@bugs.debian.org, 827113-done@bugs.debian.org, 827288-done@bugs.debian.org, 827299-done@bugs.debian.org, 827352-done@bugs.debian.org, 827781-done@bugs.debian.org, 828177-done@bugs.debian.org, 828227-done@bugs.debian.org, 828630-done@bugs.debian.org, 829130-done@bugs.debian.org, 829135-done@bugs.debian.org, 829603-done@bugs.debian.org, 829650-done@bugs.debian.org, 829735-done@bugs.debian.org, 830221-done@bugs.debian.org, 830805-done@bugs.debian.org, 831335-done@bugs.debian.org, 831426-done@bugs.debian.org, 832004-done@bugs.debian.org, 832171-done@bugs.debian.org, 832296-done@bugs.debian.org, 832336-done@bugs.debian.org, 832477-done@bugs.debian.org, 832517-done@bugs.debian.org, 833345-done@bugs.debian.org, 833421-done@bugs.debian.org, 833433-done@bugs.debian.org, 833550-done@bugs.debian.org, 833575-done@bugs.debian.org, 833595-done@bugs.debian.org, 833634-done@bugs.debian.org, 834261-done@bugs.debian.org, 834326-done@bugs.debian.org, 834327-done@bugs.debian.org, 834419-done@bugs.debian.org, 834479-done@bugs.debian.org, 834480-done@bugs.debian.org, 834482-done@bugs.debian.org, 834483-done@bugs.debian.org, 834484-done@bugs.debian.org, 834745-done@bugs.debian.org, 835443-done@bugs.debian.org, 835444-done@bugs.debian.org, 835537-done@bugs.debian.org, 836157-done@bugs.debian.org, 836592-done@bugs.debian.org, 836700-done@bugs.debian.org, 836787-done@bugs.debian.org, 836866-done@bugs.debian.org, 836910-done@bugs.debian.org, 837296-done@bugs.debian.org, 837300-done@bugs.debian.org
- Subject: Closing p-u bugs for updates in 8.6
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 17 Sep 2016 13:08:06 +0100
- Message-id: <1474114086.2011.126.camel@adam-barratt.org.uk>
Version: 8.6 The updates referred to in each of these bugs were included in today's stable point release. Regards, Adam
--- End Message ---