Package: file / 5.11-2+deb7u8

Metadata

Package Version Patches format
file 5.11-2+deb7u8 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
01 file localmagic.patch | (download)

magic/Header | 7 4 + 3 - 0 !
magic/magic.local | 3 3 + 0 - 0 !
src/Makefile.am | 2 1 + 1 - 0 !
src/Makefile.in | 2 1 + 1 - 0 !
4 files changed, 9 insertions(+), 5 deletions(-)

 No longer includes Localstuff in /usr/share/misc/magic, local definitions
 should go to /etc/magic.

02 file make.patch | (download)

src/Makefile.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 n/a

03 doc manpages.patch | (download)

doc/file.man | 11 3 + 8 - 0 !
1 file changed, 3 insertions(+), 8 deletions(-)

 fixme, and #417511.

CVE 2014 1943.patch | (download)

src/ascmagic.c | 2 1 + 1 - 0 !
src/file.h | 2 1 + 1 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/softmagic.c | 27 18 + 9 - 0 !
4 files changed, 21 insertions(+), 12 deletions(-)

 prevent infinite recursion.
 count indirect recursion as recursion.

Upstream commit IDs:
    3c081560c23f20b2985c285338b52c7aae9fdb0f
    cc9e74dfeca5265ad725acc926ef0b8d2a18ee70

Backport for 5.11: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>


limit repetitions in awk detection.patch | (download)

magic/Magdir/commands | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 limit to 100 repetitions to avoid excessive backtracking Carsten Wolff


CVE 2014 2270.patch | (download)

src/softmagic.c | 31 16 + 15 - 0 !
1 file changed, 16 insertions(+), 15 deletions(-)

 PR/313: Aaron Reffett: Check properly for exceeding the offset.
 .
 off by one in out of bounds calculations (Jan Kaluza)
 .
 CVE-2014-2270
 Backport for 5.11: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>


DSA 2873 1 regression.patch | (download)

magic/Magdir/commands | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---
CVE 2014 0207.patch | (download)

src/cdf.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 the cdf_read_short_sector function allows remote attackers to cause a denial of service
ID: CVE-2014-0207
CVE 2014 0237.patch | (download)

src/cdf.c | 18 5 + 13 - 0 !
1 file changed, 5 insertions(+), 13 deletions(-)

 the cdf_unpack_summary_info function allows remote attackers to cause a denial of service
ID: CVE-2014-0237
CVE 2014 0238.patch | (download)

src/cdf.c | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 the cdf_read_property_info function allows remote attackers to cause a denial of service
ID: CVE-2014-0238
CVE 2014 3478.patch | (download)

src/softmagic.c | 14 11 + 3 - 0 !
1 file changed, 11 insertions(+), 3 deletions(-)

 buffer overflow in the mconvert function allows remote attackers to cause a denial of service
ID: CVE-2014-3478
CVE 2014 3479.patch | (download)

src/cdf.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 the cdf_check_stream_offset function in relies on incorrect sector-size
ID: CVE-2014-3479
CVE 2014 3480.patch | (download)

src/cdf.c | 7 4 + 3 - 0 !
1 file changed, 4 insertions(+), 3 deletions(-)

 the cdf_count_chain function does not properly validate sector-count data
ID: CVE-2014-3480
CVE 2014 3487.patch | (download)

src/cdf.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 the cdf_read_property_info function does not properly validate a stream offset
ID: CVE-2014-3487
CVE 2014 3538.patch | (download)

src/softmagic.c | 25 17 + 8 - 0 !
1 file changed, 17 insertions(+), 8 deletions(-)

 file does not properly restrict the amount of data read during a regex search
ID: CVE-2014-3538
CVE 2014 3587.patch | (download)

src/cdf.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 integer overflow in the cdf_read_property_info function allows remote attackers to cause a denial of service
ID: CVE-2014-3587
CVE 2014 3710.patch | (download)

src/readelf.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 [patch] fix note bounds reading, francisco alonso / red hat

CVE 2014 8117.1.0de3251.patch | (download)

src/softmagic.c | 25 20 + 5 - 0 !
1 file changed, 20 insertions(+), 5 deletions(-)

 only print the description for indirect offsets if a match was found, and add the offset as the number to print
TEMP 0000000 B67840.1.d68a455.patch | (download)

configure.ac | 2 1 + 1 - 0 !
src/elfclass.h | 3 2 + 1 - 0 !
src/file.h | 3 3 + 0 - 0 !
src/pread.c | 14 14 + 0 - 0 !
src/readelf.c | 106 47 + 59 - 0 !
5 files changed, 67 insertions(+), 61 deletions(-)

 use pread (...)
TEMP 0000000 B67840.2.9b5bdd7.patch | (download)

src/readelf.c | 31 31 + 0 - 0 !
src/readelf.h | 17 17 + 0 - 0 !
2 files changed, 48 insertions(+)

 add pax note
TEMP 0000000 B67840.3.c8451af.patch | (download)

src/readelf.c | 260 145 + 115 - 0 !
src/readelf.h | 23 23 + 0 - 0 !
2 files changed, 168 insertions(+), 115 deletions(-)

 split netbsd and freebsd version printing into separate functions (...)
CVE 2014 8117.2.c0c0032.patch | (download)

src/softmagic.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 fix memory leak (anatol belski)
TEMP 0000000 C482B4.59e6383.patch | (download)

src/softmagic.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 pr/398: correctly truncate pascal strings (fixes out of bounds read of 1, 2, or 4 bytes)
ID: TEMP-0000000-C482B4
CVE 2014 8116.1.b4c0114.patch | (download)

src/elfclass.h | 24 16 + 8 - 0 !
src/readelf.c | 18 15 + 3 - 0 !
2 files changed, 31 insertions(+), 11 deletions(-)

 limit the number of program and section header number of sections to be (...)
ID: CVE-2014-8116
CVE 2014 8116.2.d7cdad0.patch | (download)

src/readelf.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 stop reporting bad capabilities after the first few
ID: CVE-2014-8116
CVE 2014 8117.3.6f737dd.patch | (download)

src/file.h | 8 8 + 0 - 0 !
src/funcs.c | 40 40 + 0 - 0 !
src/softmagic.c | 27 18 + 9 - 0 !
3 files changed, 66 insertions(+), 9 deletions(-)

 reduce recursion level from 20 to 10 and make a symbolic constant for it. (...)
ID: CVE-2014-8117
TEMP 0000000 B67840.4.8a90571.patch | (download)

src/readelf.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 adjust limits better (from netbsd)
CVE 2014 8117.4.90018fe.patch | (download)

src/file.c | 17 16 + 1 - 0 !
src/file.h | 2 2 + 0 - 0 !
src/file_opts.h | 1 1 + 0 - 0 !
src/magic.c | 27 27 + 0 - 0 !
src/magic.h | 6 6 + 0 - 0 !
src/softmagic.c | 19 9 + 10 - 0 !
6 files changed, 61 insertions(+), 11 deletions(-)

 bump recursion to 15, and allow it to be set from the command line
CVE 2014 8117.5.5063ca3.patch | (download)

doc/file.man | 6 6 + 0 - 0 !
doc/libmagic.man | 22 21 + 1 - 0 !
2 files changed, 27 insertions(+), 1 deletion(-)

 document changes
TEMP 0000000 B67840.5.6ce24f3.patch | (download)

doc/file.man | 16 10 + 6 - 0 !
doc/libmagic.man | 27 22 + 5 - 0 !
src/ascmagic.c | 2 1 + 1 - 0 !
src/elfclass.h | 8 4 + 4 - 0 !
src/file.c | 67 53 + 14 - 0 !
src/file.h | 12 9 + 3 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 31 26 + 5 - 0 !
src/magic.h | 6 5 + 1 - 0 !
src/softmagic.c | 30 18 + 12 - 0 !
10 files changed, 149 insertions(+), 52 deletions(-)

 kill -r and replace with -p param=value. allow setting of 4 parameters: indir, name, shnum, phnum
TEMP 0000000 B67840.6.0056ec3.patch | (download)

doc/file.man | 3 2 + 1 - 0 !
doc/libmagic.man | 5 5 + 0 - 0 !
src/ascmagic.c | 3 2 + 1 - 0 !
src/file.c | 1 1 + 0 - 0 !
src/file.h | 8 5 + 3 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 7 7 + 0 - 0 !
src/magic.h | 5 3 + 2 - 0 !
src/softmagic.c | 31 22 + 9 - 0 !
9 files changed, 48 insertions(+), 17 deletions(-)

 add a limit to the number of times a name/use entries can be used
TEMP 0000000 B67840.7.09e4162.patch | (download)

src/magic.h | 9 4 + 5 - 0 !
1 file changed, 4 insertions(+), 5 deletions(-)

 put the changes in the original file not the generated file
TEMP 0000000 B67840.8.af444af.patch | (download)

doc/file.man | 9 4 + 5 - 0 !
doc/libmagic.man | 9 4 + 5 - 0 !
src/ascmagic.c | 2 1 + 1 - 0 !
src/elfclass.h | 8 4 + 4 - 0 !
src/file.c | 9 4 + 5 - 0 !
src/file.h | 18 8 + 10 - 0 !
src/funcs.c | 2 1 + 1 - 0 !
src/magic.c | 37 15 + 22 - 0 !
src/softmagic.c | 27 10 + 17 - 0 !
9 files changed, 51 insertions(+), 70 deletions(-)

 remove name recursion limit, it is always lower than the count... rename things for consistency
CVE 2014 8117.6.6bf4527.patch | (download)

src/softmagic.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 don't bail if there was no error, buf could have been null on entry
ID: CVE-2014-8117
TEMP 0000000 B67840.9.68bd843.patch | (download)

src/readelf.c | 12 8 + 4 - 0 !
1 file changed, 8 insertions(+), 4 deletions(-)

 only trust sizes of regular files
TEMP 0000000 B67840.10.dddd3cd.patch | (download)

src/file_opts.h | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 fix parameter options
TEMP 0000000 B67840.11.445c8fb.patch | (download)

src/readelf.c | 9 5 + 4 - 0 !
1 file changed, 5 insertions(+), 4 deletions(-)

 bail out on partial reads, from alexander cherepanov
TEMP 0000000 B67840.12.ce90e05.patch | (download)

doc/file.man | 1 1 + 0 - 0 !
doc/libmagic.man | 7 6 + 1 - 0 !
src/elfclass.h | 16 10 + 6 - 0 !
src/file.c | 1 1 + 0 - 0 !
src/file.h | 2 2 + 0 - 0 !
src/file_opts.h | 1 1 + 0 - 0 !
src/magic.c | 7 7 + 0 - 0 !
src/magic.h | 1 1 + 0 - 0 !
src/readelf.c | 423 247 + 176 - 0 !
9 files changed, 276 insertions(+), 183 deletions(-)

 add a limit to the number of elf notes processed (suggested by alexander (...)
ID: TEMP-0000000-B67840
TEMP 0000000 E110B2.65437ce.patch | (download)

src/readelf.c | 9 7 + 2 - 0 !
1 file changed, 7 insertions(+), 2 deletions(-)

 limit string printing to 100 chars, and add flags i forgot in the previous commit
ID: TEMP-0000000-E110B2
CVE 2014 9653.1.4c948c0.patch | (download)

src/readelf.c | 19 12 + 7 - 0 !
1 file changed, 12 insertions(+), 7 deletions(-)

 fix previous, reading section name
CVE 2014 9653.2.445c8fb.patch | (download)

src/readelf.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 bail out on partial reads, from alexander cherepanov (...)
ID: CVE-2014-9653