[Bug 883306] New: file 5.19 fixes several vulnerabilities
https://bugzilla.novell.com/show_bug.cgi?id=883306 https://bugzilla.novell.com/show_bug.cgi?id=883306#c0 Summary: file 5.19 fixes several vulnerabilities Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: All OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:30.0) Gecko/20100101 Firefox/30.0
"This is a bug fix release that also contains many security related changes." * Misc buffer overruns and missing buffer size tests in cdf parsing (Francisco Alonso, Jan Kaluza) * Enforce limit of 8K on regex searches that have no limits * Allow the l modifier for regex to mean line count. Default to byte count. If line count is specified, assume a max of 80 characters per line to limit the byte count. * Don't allow conversions to be used for dates, allowing the mask field to be used as an offset. * Make the range operator limit the length of the regex search. * PR/347: Windows fixes * PR/352: Hangul word processor recognition * Fix uninitialized title in CDF files (Jan Kaluza) * PR/351: Fix compilation of empty files * Fix integer formats: We don't specify 'l' or 'h' and 'hh' specifiers anymore, only 'll' for quads and nothing for the rest. This is so that magic writing is simpler. * PR/341: Jan Kaluza, fix memory leak * PR/342: Jan Kaluza, fix out of bounds read * Fix issue with long formats not matching fmtcheck Reproducible: Didn't try -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c1
--- Comment #1 from Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c2
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c3
--- Comment #3 from Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c4
Dr. Werner Fink
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c5
--- Comment #5 from Dr. Werner Fink
https://bugzilla.novell.com/show_bug.cgi?id=883306
https://bugzilla.novell.com/show_bug.cgi?id=883306#c6
--- Comment #6 from Andreas Stieger
The patch below the link is old and foes not belong to the changes in file-5.19
You are right, I am sorry for causing extra work. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com