-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3196-1 security@xxxxxxxxxx http://www.debian.org/security/ Moritz Muehlenhoff March 18, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : file CVE ID : CVE-2014-9653 Hanno Boeck discovered that file's ELF parser is suspectible to denial of service. For the stable distribution (wheezy), this problem has been fixed in version 5.11-2+deb7u8. For the upcoming stable distribution (jessie), this problem has been fixed in version 1:5.22+15-1. For the unstable distribution (sid), this problem has been fixed in version 1:5.22+15-1. We recommend that you upgrade your file packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVCbyJAAoJEBDCk7bDfE42mSgP/01JqiSn3bJ/H5V76iqokzXB j9ot35Oqx2viFuzbACOb11tp6WpSvdnrZXW761nMOwiQi0MNk88Zo+IwAATAtVjG P8CuptSsbzhMej82JZkq9hIIYO8HJh0dEznnu6sSAV7gq3gTnM+h8HhJqkMSWIFP g//H753nm2eHhOuH9yyG8BT6ovUkRpEh5SuYLCVFc9h0vqshRYTd+Mnqj8hw2VfS FFRibDD9cMDkx3EAMGH53c3TWne23u9XHFBPNwqogiWh6pCQ3LncnNpv1jBFVN23 w0To4M4ycMN3qDoP9or4QNu/7MCEzVkAW3Ev8TrNErEqYsLIBadoNvpssRoBwrof hzE0WjI0738TsqtGDbVA0xjPQ4toZowICPhTcp/u3rzJruLh+2XoTulMcnLO1q8g G1eJuiGTDnE6CliBCinDvyNc35iD8rYEZ9gkHqN7D2OnBno7Rbd4sKi1T8HfmqYT 2lXQ4KVg928Kp/hjk5LLao3zFFGWgZYEoZ9/Kn6huERDk0UNID7S5veEGM7eaxR7 /G+bUeDheVEPCC5NvX93YrQzf62q+PPxPQhjSL4PCAKJPU0ql7C7PNxOAkZlpuHe 4VxjmIr8nnL9a32SX1zIhfPiKFJ7B6JcdEMsiiXw7o5jnnkXGUUguXtx8R3j1LwA SkxqwdRZ/wPS8arfSzMG =c6H6 -----END PGP SIGNATURE-----
