Source: file Version: 1:5.33-1 Severity: important Tags: security upstream Hi,
The following vulnerability was published for file. CVE-2018-10360[0]: | The do_core_note function in readelf.c in libmagic.a in file 5.33 | allows remote attackers to cause a denial of service (out-of-bounds | read and application crash) via a crafted ELF file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-10360 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360 [1] https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Please adjust the affected versions in the BTS as needed, only unstable checked at time of filling bug report. Regards, Salvatore