You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa File

Sigurnosni nedostatak programskog paketa File

==========================================================================
Ubuntu Security Notice USN-4172-2
October 31, 2019

file vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

file could be made to crash or run programs if it opened a specially
crafted file.

Software Description:
– file: Tool to determine file types

Details:

USN-4172-1 fixed a vulnerability in file. This update provides
the corresponding update for Ubuntu 12.04 ESM Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that file incorrectly handled certain malformed files. An
attacker could use this issue to cause a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
file 1:5.14-2ubuntu3.4+esm1
libmagic1 1:5.14-2ubuntu3.4+esm1

Ubuntu 12.04 ESM:
file 5.09-2ubuntu0.8
libmagic1 5.09-2ubuntu0.8

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4172-2
https://usn.ubuntu.com/4172-1
CVE-2019-18218
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBAgAGBQJduxiMAAoJEEW851uECx9p928QAKS6CCKoareudMEdqajAWtTq
QXLFiB8t6J3Hds2KZdBHhFbS0pTF+sB5LCWOILH2AP7zYjTT3nAt/DKWn5MZzR6P
E7ny8tgkT42OvoFIY0qBMc4mJIK6UooiC6HfkbT9Y/oj1Tz6fB46nMkiZ7cjp1JU
308EUCRIUTfnwd0tLNguFVG9cm/Tq8o5L003l10w/6FzDr6qKcBWY9YDYBMS0bgd
/BcmK+lOqoJ+SGJRnViA9uflYAh+2M4uHxyaF5zgnhCNDRtlRRXRenGryAg2HLxJ
+0z7AAIk2eJoGYcqIaJA01iLliJs3obplFGZ55Jrja23KqmAFDOnS7+RIjeHM5Kh
J9MmzTNCimokFjJWq5TAwm+XL7ruceAI+HjTII0Laa6I3Q0lcnLgVZCu7vXW91RD
lp5Lq9VIz67WrEmwpxn5jSbY9xDAbQU5XKg+Cwl8FBzfQ8oV7ReUSvs8Wdpqc56W
Wslm5zgnB2YnIAu20K5EIpevfN5qhmaJW4SxPhugEJu3IZdvLZgL0yNE8vTbEsLz
wxiVuEsSwdVISfz8DJ4WvRZoHzsgWNBB5ZrfRHs0eMg9Ao8A7O1b3dneC+isZn4g
XcqKD0n2SoHTEIKH//HHVBWfTQI4QD+Vgad/1Kx5ROyTWVLZ5v1saFiOnZdcqfqG
0TXZFp9zlnGBWuN+lIMd
=2qbf
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskih paketa Process Automation Manager i Decision Manager

Otkriveni su sigurnosni nedostaci u programskim paketima Process Automation Manager i Decision Manager za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim...

Close