file-5.33-20.el8

エラータID: AXSA:2021-2595:03

Release date: 
Friday, December 10, 2021 - 07:30
Subject: 
file-5.33-20.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Security Fix(es):

* file: heap-based buffer overflow in cdf_read_property_info in cdf.c (CVE-2019-18218)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Solution: 

Update packages.

CVEs: 
CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
Additional Info: 

N/A

Download: 

SRPMS
  1. file-5.33-20.el8.src.rpm
    MD5: 7717d1a13b9ff57bfd03912bb54bc4d5
    SHA-256: 3ad585095afb2089c5eca3eaaf9174414033494a836159650132d7c439fb23a8
    Size: 861.15 kB

Asianux Server 8 for x86_64
  1. file-5.33-20.el8.x86_64.rpm
    MD5: 5db371eee01f0769f1783ff4adacf124
    SHA-256: 3ccda08ff94735d275ea4c0c1f6f2d2ec375d581375b1c57b40bd7bdb7b92c98
    Size: 75.66 kB
  2. file-devel-5.33-20.el8.x86_64.rpm
    MD5: b45e32ca69f208a97b265cbe628b539f
    SHA-256: 3d1eccea38c32f7250c0b07ff4cc181eeb954aab11835156ef9c8f67c47839c5
    Size: 43.36 kB
  3. file-libs-5.33-20.el8.x86_64.rpm
    MD5: 6d55fcc2eb0aff6386d55e0f472f22aa
    SHA-256: 4884561687337e911442703078c6abd2a9652142a7dda6091d43e08baf5debef
    Size: 541.83 kB
  4. python3-magic-5.33-20.el8.noarch.rpm
    MD5: aacd43a400fb2a22f3c2cdc5b18086b8
    SHA-256: a774bbd10a92b12094bc1be63a0b473ebad2a06089efda665ecf1d6b13b810ca
    Size: 45.04 kB
  5. file-devel-5.33-20.el8.i686.rpm
    MD5: e927ed41cf6a0d7623812051ac9aeeaf
    SHA-256: 10c661c919c2554ff5e61276e4d8af3e06a870db9e42950cab2132c4c9ae7268
    Size: 43.38 kB
  6. file-libs-5.33-20.el8.i686.rpm
    MD5: f6ad8dc0a1ff40abbefacfe7a05cae4e
    SHA-256: a3c8f0afb1eba9bc29f76331adfedcf3ca673da218c8a32914c0c6bb7ba68c03
    Size: 548.71 kB