Package: file / 1:5.30-1+deb9u2

Metadata

Package Version Patches format
file 1:5.30-1+deb9u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
revert.FILE5_29 39 g0e78a704.pr 591 print if the file has debug info.patch | (download)

src/readelf.c | 10 2 + 8 - 0 !
1 file changed, 2 insertions(+), 8 deletions(-)

 revert: pr/591: print if the file has debug info
revert.FILE5_29 46 g53b8d4b0.add ips magic.patch | (download)

magic/Magdir/console | 4 0 + 4 - 0 !
1 file changed, 4 deletions(-)

 revert: add ips magic (thomas klausner)
cherry pick.FILE5_30 01 g64e45647.more cast stuff.patch | (download)

src/apprentice.c | 6 4 + 2 - 0 !
src/cdf.c | 8 5 + 3 - 0 !
src/compress.c | 8 4 + 4 - 0 !
src/der.c | 8 4 + 4 - 0 !
src/print.c | 2 1 + 1 - 0 !
src/readelf.c | 2 1 + 1 - 0 !
src/softmagic.c | 5 2 + 3 - 0 !
7 files changed, 21 insertions(+), 18 deletions(-)

 more cast stuff
cherry pick.FILE5_30 11 gb1b4efea.pr 598 off by one.patch | (download)

src/softmagic.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 pr/598: off-by-one
cherry pick.FILE5_30 12 g77a7041f.prevent reading beyond our buffer when compacting whitespace oss fuzz.patch | (download)

src/softmagic.c | 9 7 + 2 - 0 !
1 file changed, 7 insertions(+), 2 deletions(-)

 prevent reading beyond our buffer when compacting whitespace (oss-fuzz)
cherry pick.FILE5_30 14 ga0b25417.use the correct buffer size found by oss fuzz.patch | (download)

src/readcdf.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 use the correct buffer size; found by oss-fuzz
cherry pick.FILE5_30 18 g4e4e7609.pr 599 out of bounds read in cdf files.patch | (download)

src/cdf.c | 17 12 + 5 - 0 !
1 file changed, 12 insertions(+), 5 deletions(-)

 pr/599: out of bounds read in cdf files
cherry pick.FILE5_30 19 g7605984c.although i can t reproduce it oss fuzz complains about is tar.patch | (download)

src/is_tar.c | 35 21 + 14 - 0 !
1 file changed, 21 insertions(+), 14 deletions(-)

 although i can't reproduce it, oss-fuzz complains about is_tar
cherry pick.FILE5_30 22 ged0542b8.better fix for previous.patch | (download)

src/cdf.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 better fix for previous
cherry pick.FILE5_30 28 g393555f2.try to clean this up the vector code is still fishy.patch | (download)

src/cdf.c | 144 83 + 61 - 0 !
1 file changed, 83 insertions(+), 61 deletions(-)

 try to clean this up; the vector code is still fishy
cherry pick.FILE5_30 29 g76c2d4ae.several fixes in cdf parser.patch | (download)

src/cdf.c | 15 10 + 5 - 0 !
1 file changed, 10 insertions(+), 5 deletions(-)

 [ several fixes in the cdf parser ]
cherry pick.FILE5_30 30 gc703aa9f.free memory on error.patch | (download)

src/cdf.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 free memory on error
cherry pick.FILE5_30 34 g22067c96.simplify the property info copy function and check for bounds.patch | (download)

src/cdf.c | 77 33 + 44 - 0 !
1 file changed, 33 insertions(+), 44 deletions(-)

 simplify the property info copy function and check for bounds
cherry pick.FILE5_30 38 gfd42e119.if we could not read a field set it to 0 found by oss fuzz.patch | (download)

src/cdf.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 if we could not read a field, set it to 0; found by oss-fuzz
cherry pick.FILE5_30 39 geb973428.limit memory usage more to satisfy oss fuzz.patch | (download)

src/cdf.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 limit memory usage more to satisfy oss-fuzz
cherry pick.FILE5_30 41 g393dafa4.work around glibc regex msan bug regexec returns 0 but does initialize pmatch.patch | (download)

src/funcs.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 work around glibc/regex/msan bug regexec returns 0 but does initialize pmatch
cherry pick.FILE5_30 42 gf0bcdd07.dont try to read past the end of the properties found by oss fuzz.patch | (download)

src/cdf.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 don't try to read past the end of the properties, found by oss-fuzz
cherry pick.FILE5_30 43 g19ccebaf.dont copy the string past its length oss fuzz.patch | (download)

src/readcdf.c | 6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-)

 don't copy the string past its length (oss-fuzz)
cherry pick.FILE5_30 46 g1fa18af6.check read bounds for vector before reading.patch | (download)

src/cdf.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 check read bounds for vector before reading. found by oss-fuzz
cherry pick.FILE5_30 47 gdc067431.fix continuation level handling.patch | (download)

src/softmagic.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 [ fix continuation level handling ]
cherry pick.FILE5_30 48 gaee11eef.fix out of bounds read found by oss fuzz.patch | (download)

src/cdf.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix out of bounds read; found by oss-fuzz
cherry pick.FILE5_30 49 gbf90083a.fix memory handling.patch | (download)

src/cdf.c | 52 38 + 14 - 0 !
1 file changed, 38 insertions(+), 14 deletions(-)

 [ fix memory handling ]
cherry pick.FILE5_30 52 gd8233d09.check one more read found by oss fuzz.patch | (download)

src/cdf.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 check one more read (found by oss-fuzz)
cherry pick.FILE5_31 36 g35c94dc6.Fix always true condition Thomas Jarosch.patch | (download)

src/readelf.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix always true condition (thomas jarosch)
cherry pick.FILE5_33 31 ga642587a.avoid reading past the end of buffer.patch | (download)

src/readelf.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 avoid reading past the end of buffer (rui reis)
ID: CVE-2018-10360
local.support local definitions in etc magic.patch | (download)

doc/file.man | 11 3 + 8 - 0 !
magic/Header | 7 4 + 3 - 0 !
magic/magic.local | 3 3 + 0 - 0 !
src/Makefile.am | 2 1 + 1 - 0 !
src/Makefile.in | 2 1 + 1 - 0 !
src/apprentice.c | 2 1 + 1 - 0 !
6 files changed, 13 insertions(+), 14 deletions(-)

 support local definitions in /etc/magic
local.don t include libs in build.patch | (download)

src/Makefile.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 don't include libs in build
local.mention posixly correct dependent behaviour in usage message.patch | (download)

src/file_opts.h | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 mention posixly_correct dependent behaviour in usage message
local.report gz as application gzip.patch | (download)

magic/Magdir/compress | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 report gz as application/gzip
local.disable detection of vax coff executables.patch | (download)

magic/Magdir/vax | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 disable detection of vax coff executables
local.disable algol68 detection.patch | (download)

magic/Magdir/algol68 | 20 10 + 10 - 0 !
1 file changed, 10 insertions(+), 10 deletions(-)

 disable detection of algol68 files