file-5.33-20.el8
エラータID: AXSA:2021-2595:03
リリース日:
2021/12/10 Friday - 07:30
題名:
file-5.33-20.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目に対処しました。
[Security Fix]
- file の cdf.c 内の cdf_read_property_info 関数では、CDF_VECTOR 要素数の
制限がないため、ヒープベースのバッファオーバーフローを引き起こすことの
可能な脆弱性があります。(CVE-2019-18218)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
追加情報:
N/A
ダウンロード:
SRPMS
- file-5.33-20.el8.src.rpm
MD5: 7717d1a13b9ff57bfd03912bb54bc4d5
SHA-256: 3ad585095afb2089c5eca3eaaf9174414033494a836159650132d7c439fb23a8
Size: 861.15 kB
Asianux Server 8 for x86_64
- file-5.33-20.el8.x86_64.rpm
MD5: 5db371eee01f0769f1783ff4adacf124
SHA-256: 3ccda08ff94735d275ea4c0c1f6f2d2ec375d581375b1c57b40bd7bdb7b92c98
Size: 75.66 kB - file-devel-5.33-20.el8.x86_64.rpm
MD5: b45e32ca69f208a97b265cbe628b539f
SHA-256: 3d1eccea38c32f7250c0b07ff4cc181eeb954aab11835156ef9c8f67c47839c5
Size: 43.36 kB - file-libs-5.33-20.el8.x86_64.rpm
MD5: 6d55fcc2eb0aff6386d55e0f472f22aa
SHA-256: 4884561687337e911442703078c6abd2a9652142a7dda6091d43e08baf5debef
Size: 541.83 kB - python3-magic-5.33-20.el8.noarch.rpm
MD5: aacd43a400fb2a22f3c2cdc5b18086b8
SHA-256: a774bbd10a92b12094bc1be63a0b473ebad2a06089efda665ecf1d6b13b810ca
Size: 45.04 kB - file-devel-5.33-20.el8.i686.rpm
MD5: e927ed41cf6a0d7623812051ac9aeeaf
SHA-256: 10c661c919c2554ff5e61276e4d8af3e06a870db9e42950cab2132c4c9ae7268
Size: 43.38 kB - file-libs-5.33-20.el8.i686.rpm
MD5: f6ad8dc0a1ff40abbefacfe7a05cae4e
SHA-256: a3c8f0afb1eba9bc29f76331adfedcf3ca673da218c8a32914c0c6bb7ba68c03
Size: 548.71 kB
English