Advisories » MGASA-2014-0439

Updated [package] package fix CVE-2014-3710

Publication date: 31 Oct 2014
Modification date: 31 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3710

Description

Updated file packages fix security vulnerability:

An out-of-bounds read flaw was found in file's donote() function in the way
the file utility determined the note headers of a elf file. This could
possibly lead to file executable crash (CVE-2014-3710).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14411
• https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141536.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710

SRPMS

4/core

• file-5.16-1.7.mga4

3/core

• file-5.12-8.8.mga3