Thomas Jarosch discovered a stack-based buffer overflow flaw in file, a file type classification tool, which may result in denial of service if an ELF binary with a specially crafted .notes section is processed. For the stable distribution (stretch), this problem has been fixed in version 1:5.30-1+deb9u1. For the unstable distribution (sid), this problem has been fixed in version 1:5.32-1. We recommend that you upgrade your file packages.
Thomas Jarosch discovered a stack-based buffer overflow flaw in file, a file type classification tool, which may result in denial of service if an ELF binary with a specially crafted .notes section is processed.
For the stable distribution (stretch), this problem has been fixed in version 1:5.30-1+deb9u1.
For the unstable distribution (sid), this problem has been fixed in version 1:5.32-1.
We recommend that you upgrade your file packages.