bin/134550: file(1) 5.00 subject to bugs and security
vulnerabilities
bf
bf2006a at yahoo.com
Fri May 15 00:30:02 UTC 2009
>Number: 134550
>Category: bin
>Synopsis: file(1) 5.00 subject to bugs and security vulnerabilities
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri May 15 00:30:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: bf
>Release: 8-CURRENT i386
>Organization:
-
>Environment:
>Description:
Version 5.00 of file(1), which was recently imported into 8-CURRENT in svn
r191739 on 2 May 2009, has been found to have a number of bugs and security
vulnerabilities, one of which is described in CVE 2009-1515 (which was publicized on 28 April 2009!):
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515
>How-To-Repeat:
>Fix:
Please import file 5.03 or later:
ftp://ftp.astron.com/pub/file/file-5.03.tar.gz
in the place of file 5.00. This later version includes fixes for the above bug and for a number of other problems.
Thanks,
b.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list