[v2.7] file: ELF parser DoS (CVE-2014-9620, CVE-2014-9621)
References:
http://seclists.org/oss-sec/2015/q1/164
CONFIRM:
https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
CONFIRM:
https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
MLIST:[File] 20150102 file 5.22 is now available
URL: http://mx.gw.com/pipermail/file/2015/001660.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621
(from redmine: issue id 3861, created on 2015-02-02, closed on 2015-02-04)
- Relations:
- parent #3859 (closed)
- Changesets:
- Revision b0bbf889 by Natanael Copa on 2015-02-02T11:34:49Z:
main/file: security upgrade to 5.22 (CVE-2014-8116,CVE-2014-8117,CVE-2014-9620,CVE-2014-9621)
fixes #3806
fixes #3861