Debian Security Advisory
DSA-3196-1 file -- security update
- Date Reported:
- 18 Mar 2015
- Affected Packages:
- file
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-9653.
- More information:
-
Hanno Boeck discovered that file's ELF parser is suspectible to denial of service.
For the stable distribution (wheezy), this problem has been fixed in version 5.11-2+deb7u8.
For the upcoming stable distribution (jessie), this problem has been fixed in version 1:5.22+15-1.
For the unstable distribution (sid), this problem has been fixed in version 1:5.22+15-1.
We recommend that you upgrade your file packages.