magic/Header | 7 4 + 3 - 0 !
magic/magic.local | 3 3 + 0 - 0 !
src/Makefile.am | 2 1 + 1 - 0 !
src/Makefile.in | 2 1 + 1 - 0 !
4 files changed, 9 insertions(+), 5 deletions(-)

 No longer includes Localstuff in /usr/share/misc/magic, local definitions
 should go to /etc/magic.

src/Makefile.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 n/a

doc/file.man | 11 3 + 8 - 0 !
1 file changed, 3 insertions(+), 8 deletions(-)

 fixme, and #417511.

src/ascmagic.c | 2 1 + 1 - 0 !
src/file.h | 2 1 + 1 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/softmagic.c | 27 18 + 9 - 0 !
4 files changed, 21 insertions(+), 12 deletions(-)

 prevent infinite recursion.
 count indirect recursion as recursion.

Upstream commit IDs:
    3c081560c23f20b2985c285338b52c7aae9fdb0f
    cc9e74dfeca5265ad725acc926ef0b8d2a18ee70

Backport for 5.11: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

magic/Magdir/commands | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 limit to 100 repetitions to avoid excessive backtracking Carsten Wolff

src/softmagic.c | 31 16 + 15 - 0 !
1 file changed, 16 insertions(+), 15 deletions(-)

 PR/313: Aaron Reffett: Check properly for exceeding the offset.
 .
 off by one in out of bounds calculations (Jan Kaluza)
 .
 CVE-2014-2270
 Backport for 5.11: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

magic/Magdir/commands | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---

src/cdf.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 the cdf_read_short_sector function allows remote attackers to cause a denial of service
ID: CVE-2014-0207

src/cdf.c | 18 5 + 13 - 0 !
1 file changed, 5 insertions(+), 13 deletions(-)

 the cdf_unpack_summary_info function allows remote attackers to cause a denial of service
ID: CVE-2014-0237

src/cdf.c | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 the cdf_read_property_info function allows remote attackers to cause a denial of service
ID: CVE-2014-0238

src/softmagic.c | 14 11 + 3 - 0 !
1 file changed, 11 insertions(+), 3 deletions(-)

 buffer overflow in the mconvert function allows remote attackers to cause a denial of service
ID: CVE-2014-3478

src/cdf.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 the cdf_check_stream_offset function in relies on incorrect sector-size
ID: CVE-2014-3479

src/cdf.c | 7 4 + 3 - 0 !
1 file changed, 4 insertions(+), 3 deletions(-)

 the cdf_count_chain function does not properly validate sector-count data
ID: CVE-2014-3480

src/cdf.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 the cdf_read_property_info function does not properly validate a stream offset
ID: CVE-2014-3487

src/softmagic.c | 25 17 + 8 - 0 !
1 file changed, 17 insertions(+), 8 deletions(-)

 file does not properly restrict the amount of data read during a regex search
ID: CVE-2014-3538

src/cdf.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 integer overflow in the cdf_read_property_info function allows remote attackers to cause a denial of service
ID: CVE-2014-3587

src/readelf.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 [patch] fix note bounds reading, francisco alonso / red hat

src/softmagic.c | 25 20 + 5 - 0 !
1 file changed, 20 insertions(+), 5 deletions(-)

 only print the description for indirect offsets if a match was found, and add the offset as the number to print

configure.ac | 2 1 + 1 - 0 !
src/elfclass.h | 3 2 + 1 - 0 !
src/file.h | 3 3 + 0 - 0 !
src/pread.c | 14 14 + 0 - 0 !
src/readelf.c | 106 47 + 59 - 0 !
5 files changed, 67 insertions(+), 61 deletions(-)

 use pread (...)

src/readelf.c | 31 31 + 0 - 0 !
src/readelf.h | 17 17 + 0 - 0 !
2 files changed, 48 insertions(+)

 add pax note

src/readelf.c | 260 145 + 115 - 0 !
src/readelf.h | 23 23 + 0 - 0 !
2 files changed, 168 insertions(+), 115 deletions(-)

 split netbsd and freebsd version printing into separate functions (...)

src/softmagic.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 fix memory leak (anatol belski)

src/softmagic.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 pr/398: correctly truncate pascal strings (fixes out of bounds read of 1, 2, or 4 bytes)
ID: TEMP-0000000-C482B4

src/elfclass.h | 24 16 + 8 - 0 !
src/readelf.c | 18 15 + 3 - 0 !
2 files changed, 31 insertions(+), 11 deletions(-)

 limit the number of program and section header number of sections to be (...)
ID: CVE-2014-8116

src/readelf.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 stop reporting bad capabilities after the first few
ID: CVE-2014-8116

src/file.h | 8 8 + 0 - 0 !
src/funcs.c | 40 40 + 0 - 0 !
src/softmagic.c | 27 18 + 9 - 0 !
3 files changed, 66 insertions(+), 9 deletions(-)

 reduce recursion level from 20 to 10 and make a symbolic constant for it. (...)
ID: CVE-2014-8117

src/readelf.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 adjust limits better (from netbsd)

src/file.c | 17 16 + 1 - 0 !
src/file.h | 2 2 + 0 - 0 !
src/file_opts.h | 1 1 + 0 - 0 !
src/magic.c | 27 27 + 0 - 0 !
src/magic.h | 6 6 + 0 - 0 !
src/softmagic.c | 19 9 + 10 - 0 !
6 files changed, 61 insertions(+), 11 deletions(-)

 bump recursion to 15, and allow it to be set from the command line

doc/file.man | 6 6 + 0 - 0 !
doc/libmagic.man | 22 21 + 1 - 0 !
2 files changed, 27 insertions(+), 1 deletion(-)

 document changes

doc/file.man | 16 10 + 6 - 0 !
doc/libmagic.man | 27 22 + 5 - 0 !
src/ascmagic.c | 2 1 + 1 - 0 !
src/elfclass.h | 8 4 + 4 - 0 !
src/file.c | 67 53 + 14 - 0 !
src/file.h | 12 9 + 3 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 31 26 + 5 - 0 !
src/magic.h | 6 5 + 1 - 0 !
src/softmagic.c | 30 18 + 12 - 0 !
10 files changed, 149 insertions(+), 52 deletions(-)

 kill -r and replace with -p param=value. allow setting of 4 parameters: indir, name, shnum, phnum

doc/file.man | 3 2 + 1 - 0 !
doc/libmagic.man | 5 5 + 0 - 0 !
src/ascmagic.c | 3 2 + 1 - 0 !
src/file.c | 1 1 + 0 - 0 !
src/file.h | 8 5 + 3 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 7 7 + 0 - 0 !
src/magic.h | 5 3 + 2 - 0 !
src/softmagic.c | 31 22 + 9 - 0 !
9 files changed, 48 insertions(+), 17 deletions(-)

 add a limit to the number of times a name/use entries can be used

src/magic.h | 9 4 + 5 - 0 !
1 file changed, 4 insertions(+), 5 deletions(-)

 put the changes in the original file not the generated file

doc/file.man | 9 4 + 5 - 0 !
doc/libmagic.man | 9 4 + 5 - 0 !
src/ascmagic.c | 2 1 + 1 - 0 !
src/elfclass.h | 8 4 + 4 - 0 !
src/file.c | 9 4 + 5 - 0 !
src/file.h | 18 8 + 10 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 37 15 + 22 - 0 !
src/softmagic.c | 27 10 + 17 - 0 !
9 files changed, 51 insertions(+), 70 deletions(-)

 remove name recursion limit, it is always lower than the count... rename things for consistency

src/softmagic.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 don't bail if there was no error, buf could have been null on entry
ID: CVE-2014-8117

src/readelf.c | 12 8 + 4 - 0 !
1 file changed, 8 insertions(+), 4 deletions(-)

 only trust sizes of regular files

src/file_opts.h | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 fix parameter options

src/readelf.c | 9 5 + 4 - 0 !
1 file changed, 5 insertions(+), 4 deletions(-)

 bail out on partial reads, from alexander cherepanov

doc/file.man | 1 1 + 0 - 0 !
doc/libmagic.man | 7 6 + 1 - 0 !
src/elfclass.h | 16 10 + 6 - 0 !
src/file.c | 1 1 + 0 - 0 !
src/file.h | 2 2 + 0 - 0 !
src/file_opts.h | 1 1 + 0 - 0 !
src/magic.c | 7 7 + 0 - 0 !
src/magic.h | 1 1 + 0 - 0 !
src/readelf.c | 423 247 + 176 - 0 !
9 files changed, 276 insertions(+), 183 deletions(-)

 add a limit to the number of elf notes processed (suggested by alexander (...)
ID: TEMP-0000000-B67840

src/readelf.c | 9 7 + 2 - 0 !
1 file changed, 7 insertions(+), 2 deletions(-)

 limit string printing to 100 chars, and add flags i forgot in the previous commit
ID: TEMP-0000000-E110B2

src/readelf.c | 19 12 + 7 - 0 !
1 file changed, 12 insertions(+), 7 deletions(-)

 fix previous, reading section name

src/readelf.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 bail out on partial reads, from alexander cherepanov (...)
ID: CVE-2014-9653