[SECURITY] [DLA 1969-1] file security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : file
Version : 1:5.22+15-2+deb8u6
CVE ID : CVE-2019-18218
An issue has been found in file, a tool to determine file types by using
magic numbers.
The number of CDF_VECTOR elements had to be restricted in order to prevent
a heap-based buffer overflow (4-byte out-of-bounds write).
For Debian 8 "Jessie", this problem has been fixed in version
1:5.22+15-2+deb8u6.
We recommend that you upgrade your file packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl2wtndfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeJ0A//ccJGz9pbo1l7+SOx/XZ1UjaIqsGnfJl15o/b+846hH/JFRrQAavnF9Hk
0M78N554wXCq9sfcv95DdI9o1bQa3Zp9QiUpYWzHt1AdZGtYv4aoGULZHxgecWxE
YIa2aBWD1pOQVC6fOPqEximgpnByPoHDVpihQuMPBMvUvJz9yck+mbWKB7EIyRZ3
fZarjArOJvvKFToujKP+cB+4IdC9E1CvFxLHRF77yzT0kfhhKl4Sdwi+6igeLJ5g
aAHtxMoveWcvU5PLuun9yzMi9ZlLa1wiSgniMiU/ATCxUD+SP8bMXXtK7+/q3uCR
lEJZHAwDovK4dmsWexZD5gXA3P/1iKT3hJ/RQnGZzqu5IlGTTOqSvNmEMgenqDhZ
2YJfOoHHiFDfmChQhb6eXE0wb071zuGH9GlQCKDfOWbcHVQhm3wecthvDJu0qVNt
ZSnr2usfKaoSPjT3dnl7mQPSemGJdCU+c2SbBavXCuo+7/kBY4MV9yMjMyQiNY45
xo6VdvFX5zSEOGyRyC3yl3sLs4gjz0Tc3L3wZ9ecdP7P03EXoM0PHy+1KqyNGHzC
/MCTUnzwLTv2OIM08s5ruynE5wwOyyEPNE+JUzyTj722bNvtr4s5xYSKFfliYg/i
NcQI0JC6xxCA2SykGcgB3Rsy/mQcRI8q5Oe25eSC5h6d8yyezcc=
=Ttww
-----END PGP SIGNATURE-----
Reply to: