Debian 10225 Published by

A file security update has been released for Debian 6 LTS



Package : file
Version : 5.04-5+squeeze8
CVE ID : CVE-2014-3710
Debian Bug : 768806

Francisco Alonso of Red Hat Product Security found an issue in the file
utility: when checking ELF files, note headers are incorrectly checked,
thus potentially allowing attackers to cause a denial of service
(out-of-bounds read and application crash) by supplying a specially
crafted ELF file.

For the long-term stable distribution (squeeze-lts), this problem has been
fixed in version 5.04-5+squeeze8.