From owner-freebsd-stable@FreeBSD.ORG Wed Jun 10 01:00:36 2015 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DDED087A for ; Wed, 10 Jun 2015 01:00:36 +0000 (UTC) (envelope-from nick.frampton@akips.com) Received: from mail.akips.com (mail.akips.com [65.19.130.19]) by mx1.freebsd.org (Postfix) with ESMTP id CB3C11BCF for ; Wed, 10 Jun 2015 01:00:36 +0000 (UTC) (envelope-from nick.frampton@akips.com) Received: from [10.1.8.7] (CPE-120-146-191-2.static.qld.bigpond.net.au [120.146.191.2]) by mail.akips.com (Postfix) with ESMTPSA id 45ECF13D71 for ; Wed, 10 Jun 2015 10:55:18 +1000 (EST) Message-ID: <55778AF4.3030701@akips.com> Date: Wed, 10 Jun 2015 10:55:16 +1000 From: Nick Frampton User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: FreeBSD Errata Notice FreeBSD-EN-15:06.file References: <201506092239.t59MdaKR011836@freefall.freebsd.org> In-Reply-To: <201506092239.t59MdaKR011836@freefall.freebsd.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,URIBL_BLOCKED autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on host1.akips.com X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2015 01:00:37 -0000 Pardon my ignorance, but why was this posted as an EN instead of a SA if it corrects security vulnerabilities? -Nick On 10/06/15 08:39, FreeBSD Errata Notices wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > ============================================================================= > FreeBSD-EN-15:06.file Errata Notice > The FreeBSD Project > > Topic: Version and security update of file(1) and libmagic(3) > > Category: contrib > Module: file > Announced: 2015-06-09 > Affects: All supported versions of FreeBSD. > Corrected: 2015-01-23 18:48:59 UTC (stable/10, 10.1-STABLE) > 2015-06-09 22:13:25 UTC (releng/10.1, 10.1-RELEASE-p11) > 2015-01-23 18:50:36 UTC (stable/9, 9.3-STABLE) > 2015-06-09 22:13:53 UTC (releng/9.3, 9.3-RELEASE-p15) > 2015-05-09 23:53:25 UTC (stable/8, 8.4-STABLE) > 2015-06-09 22:13:53 UTC (releng/8.4, 8.4-RELEASE-p29) > CVE Name: CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, > CVE-2014-3487, CVE-2014-3538, CVE-2014-3587, CVE-2014-9620, > CVE-2014-9621, CVE-2014-9653 > > For general information regarding FreeBSD Errata Notices and Security > Advisories, including descriptions of the fields above, security > branches, and the following sections, please visit > . > > I. Background > > The file(1) utility attempts to classify file system objects based on > filesystem, magic number and language tests. > > The libmagic(3) library provides most of the functionality of file(1) > and may be used by other applications. > > II. Problem Description > > There are a number of denial of service issues when handling complex > files, for instance Portable Executable (PE) files and ELF files parsing > code with libmagic(3) and in turn file(1). > > III. Impact > > An attacker who can cause file(1) or any other applications using the > libmagic(3) library to be run on a maliciously constructed input can > cause the application to crash or consume excessive CPU resources, > resulting in a denial-of-service. > > IV. Workaround > > System administrators who run file(1) and libmagic(3) against untrusted > files, for instance when running with a mail server's mail scanner, are > advised to configure the scanner in a way so that they do not call file(1) > or libmagic(3) to conduct deep inspection of input files. Most of these > scanners does not really need the in-depth analysis and the file type > determined by libmagic is already sufficient. > > V. Solution > > This errata replaces the base system file(1) and libmagic(3) with the > version 5.22. > > Perform one of the following: > > 1) Upgrade your system to a supported FreeBSD stable or release / security > branch (releng) dated after the correction date. > > 2) To update your present system via a binary patch: > > Systems running a RELEASE version of FreeBSD on the i386 or amd64 > platforms can be updated via the freebsd-update(8) utility: > > # freebsd-update fetch > # freebsd-update install > > 3) To update your present system via a source code patch: > > The following patches have been verified to apply to the applicable > FreeBSD release branches. > > a) Download the relevant patch from the location below, and verify the > detached PGP signature using your PGP utility. > > [FreeBSD 10.1] > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-10.1.patch > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-10.1.patch.asc > # gpg --verify file-10.1.patch.asc > > [FreeBSD 9.3] > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-9.3.patch > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-9.3.patch.asc > # gpg --verify file-9.3.patch.asc > > [FreeBSD 8.4] > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-8.4.patch > # fetch https://security.FreeBSD.org/patches/EN-15:06/file-8.4.patch.asc > # gpg --verify file-8.4.patch.asc > > b) Apply the patch. Execute the following commands as root: > > # cd /usr/src > # patch < /path/to/patch > > c) Recompile the operating system using buildworld and installworld as > described in . > > Restart all deamons using the library, or reboot the system. > > VI. Correction details > > The following list contains the correction revision numbers for each > affected branch. > > Branch/path Revision > - ------------------------------------------------------------------------- > stable/8/ r283135 > releng/8.4/ r284194 > stable/9/ r277593 > releng/9.3/ r284194 > stable/10/ r277592 > releng/10.1/ r284193 > - ------------------------------------------------------------------------- > > To see which files were modified by a particular revision, run the > following command, replacing NNNNNN with the revision number, on a > machine with Subversion installed: > > # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base > > Or visit the following URL, replacing NNNNNN with the revision number: > > > > VII. References > > > > > > > > > > > > > > > > > > > > > > The latest revision of this Errata Notice is available at > https://security.FreeBSD.org/advisories/FreeBSD-EN-15:06.file.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.1.4 (FreeBSD) > > iQIcBAEBCgAGBQJVd2aEAAoJEO1n7NZdz2rnEVQP/2OPfepmvG2/vYrH3bKDHPRi > 12QFfE3Ylr8ctoDQRCBazdxhzLEMxdP3g9icJ0ZbnDWVmFtM9BwDfCrkcYmI6uCt > 0E1usrqHs6qthm4i1UAwRu4v71LM2yllHCaLt/XWxWDXsbI/vA5wkZgfgZK8kZWW > PAiBUuI1bM4pegi+yymgMRoHquoyB0x2jNBKywnb9KT7m8Br9uYnJrCajI6G9HUy > /eQKtefOVQat0trIoOwXS7cIZhLWJlVAKUinBjb2IGHxkWOrUhgXlPCpB4efS0pG > IqEv2gvHpxllgmf+4leqNXYT8R1EUu+3OE6SbN7jV+RwgPc0TNUxC4Bkb6r1LoSH > BRf5FMuVDYAlDKDz4j8NY0v84PpD9d37w7SSBZPiR+Fwn5xs0F4PjsU2c+tPEnVD > Sn1vYkafvC+KXsuJtmd4sqb1zLRdpOGDxruA0VtOKATA1sDa1QZIBTB7w7iZ03f5 > umCpU8p5mo7a9AroavUEZkcpu4w5BptAsgYoBdOeKHhStBtPlXiGpML8zLhj1qnL > hGF6RY2QrhD35C7OIer1ji0F2pEKkFfaeAqkvIXmYJaH+KQeIrEdt+ki2GStW1m9 > OdL79RMreVGE1DuX/2puBxKcMsQR+fas4L4uGi46MDXXMeV0LKJHiAT2twJlDOL/ > mc3UcOeMcAfOkINcpGuD > =8/lF > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-announce@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-announce > To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org" > -- Founder, CTO www.akips.com