Synopsis: Moderate: file security, bug fix, and enhancement update
Advisory ID: SLSA-2016:0760-1
Issue Date: 2016-05-10
CVE Numbers: CVE-2014-3587
CVE-2014-3538
CVE-2014-3710
CVE-2014-8116
CVE-2014-8117
CVE-2014-9653
CVE-2014-9620
—
Security Fix(es):
* Multiple flaws were found in the file regular expression rules for
detecting various files. A remote attacker could use these flaws to cause
file to consume an excessive amount of CPU. (CVE-2014-3538)
* A denial of service flaw was found in the way file parsed certain
Composite Document Format (CDF) files. A remote attacker could use this
flaw to crash file via a specially crafted CDF file. (CVE-2014-3587)
* Multiple flaws were found in the way file parsed Executable and Linkable
Format (ELF) files. A remote attacker could use these flaws to cause file
to crash, disclose portions of its memory, or consume an excessive amount
of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117,
CVE-2014-9620, CVE-2014-9653)
—
SL6
x86_64
file-5.04-30.el6.x86_64.rpm
file-debuginfo-5.04-30.el6.i686.rpm
file-debuginfo-5.04-30.el6.x86_64.rpm
file-libs-5.04-30.el6.i686.rpm
file-libs-5.04-30.el6.x86_64.rpm
python-magic-5.04-30.el6.x86_64.rpm
file-devel-5.04-30.el6.i686.rpm
file-devel-5.04-30.el6.x86_64.rpm
file-static-5.04-30.el6.x86_64.rpm
i386
file-5.04-30.el6.i686.rpm
file-debuginfo-5.04-30.el6.i686.rpm
file-libs-5.04-30.el6.i686.rpm
python-magic-5.04-30.el6.i686.rpm
file-devel-5.04-30.el6.i686.rpm
file-static-5.04-30.el6.i686.rpm
– Scientific Linux Development Team
