Date: Fri, 15 May 2009 00:26:39 GMT From: bf <bf2006a@yahoo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/134550: file(1) 5.00 subject to bugs and security vulnerabilities Message-ID: <200905150026.n4F0QdgW017981@www.freebsd.org> Resent-Message-ID: <200905150030.n4F0U1ME030819@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 134550 >Category: bin >Synopsis: file(1) 5.00 subject to bugs and security vulnerabilities >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri May 15 00:30:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: bf >Release: 8-CURRENT i386 >Organization: - >Environment: >Description: Version 5.00 of file(1), which was recently imported into 8-CURRENT in svn r191739 on 2 May 2009, has been found to have a number of bugs and security vulnerabilities, one of which is described in CVE 2009-1515 (which was publicized on 28 April 2009!): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 >How-To-Repeat: >Fix: Please import file 5.03 or later: ftp://ftp.astron.com/pub/file/file-5.03.tar.gz in the place of file 5.00. This later version includes fixes for the above bug and for a number of other problems. Thanks, b. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905150026.n4F0QdgW017981>