Updated file package fixes security vulnerabilityPublication date: 22 Feb 2014
Affected Mageia releases : 3 , 4
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943). Additionally, other well-crafted files might result in long computation times (while using 100% CPU) and overlong results. The affected packages have been patched to correct these flaws.