-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : file Version : 1:5.22+15-2+deb8u6 CVE ID : CVE-2019-18218
An issue has been found in file, a tool to determine file types by using magic numbers.
The number of CDF_VECTOR elements had to be restricted in order to prevent a heap-based buffer overflow (4-byte out-of-bounds write).
For Debian 8 "Jessie", this problem has been fixed in version 1:5.22+15-2+deb8u6. We recommend that you upgrade your file packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl2wtndfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEeJ0A//ccJGz9pbo1l7+SOx/XZ1UjaIqsGnfJl15o/b+846hH/JFRrQAavnF9Hk 0M78N554wXCq9sfcv95DdI9o1bQa3Zp9QiUpYWzHt1AdZGtYv4aoGULZHxgecWxE YIa2aBWD1pOQVC6fOPqEximgpnByPoHDVpihQuMPBMvUvJz9yck+mbWKB7EIyRZ3 fZarjArOJvvKFToujKP+cB+4IdC9E1CvFxLHRF77yzT0kfhhKl4Sdwi+6igeLJ5g aAHtxMoveWcvU5PLuun9yzMi9ZlLa1wiSgniMiU/ATCxUD+SP8bMXXtK7+/q3uCR lEJZHAwDovK4dmsWexZD5gXA3P/1iKT3hJ/RQnGZzqu5IlGTTOqSvNmEMgenqDhZ 2YJfOoHHiFDfmChQhb6eXE0wb071zuGH9GlQCKDfOWbcHVQhm3wecthvDJu0qVNt ZSnr2usfKaoSPjT3dnl7mQPSemGJdCU+c2SbBavXCuo+7/kBY4MV9yMjMyQiNY45 xo6VdvFX5zSEOGyRyC3yl3sLs4gjz0Tc3L3wZ9ecdP7P03EXoM0PHy+1KqyNGHzC /MCTUnzwLTv2OIM08s5ruynE5wwOyyEPNE+JUzyTj722bNvtr4s5xYSKFfliYg/i NcQI0JC6xxCA2SykGcgB3Rsy/mQcRI8q5Oe25eSC5h6d8yyezcc= =Ttww -----END PGP SIGNATURE-----
