From 8ba024a0be635b16e664cf6d3eb528c2c041339c Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Sep 08 2017 15:44:30 +0000 Subject: Resolves: CVE-2017-1000249 - fix a possible stack based buffer overflow --- diff --git a/file-5.31-CVE-2017-1000249.patch b/file-5.31-CVE-2017-1000249.patch new file mode 100644 index 0000000..59448d4 --- /dev/null +++ b/file-5.31-CVE-2017-1000249.patch @@ -0,0 +1,27 @@ +From 82e05466f3ff730b8f28af81a1da15773cd43614 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Sun, 27 Aug 2017 07:55:02 +0000 +Subject: [PATCH] Fix always true condition (Thomas Jarosch) + +Upstream-commit: 35c94dc6acc418f1ad7f6241a6680e5327495793 +Signed-off-by: Kamil Dudka +--- + src/readelf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/readelf.c b/src/readelf.c +index c6b10f9..01ccd31 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -511,7 +511,7 @@ do_bid_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, + size_t noff, size_t doff, int *flags) + { + if (namesz == 4 && strcmp((char *)&nbuf[noff], "GNU") == 0 && +- type == NT_GNU_BUILD_ID && (descsz >= 4 || descsz <= 20)) { ++ type == NT_GNU_BUILD_ID && (descsz >= 4 && descsz <= 20)) { + uint8_t desc[20]; + const char *btype; + uint32_t i; +-- +2.13.5 + diff --git a/file.spec b/file.spec index 020d083..1179f77 100644 --- a/file.spec +++ b/file.spec @@ -3,7 +3,7 @@ Summary: A utility for determining file types Name: file Version: 5.31 -Release: 9%{?dist} +Release: 10%{?dist} License: BSD Group: Applications/File Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz @@ -22,6 +22,9 @@ Patch7: file-5.31-awk-perl-recognition.patch Patch8: file-5.31-gconv-cache-recognition.patch Patch9: file-5.31-ruby-recognition.patch +# fix a possible stack based buffer overflow (CVE-2017-1000249) +Patch10: file-5.31-CVE-2017-1000249.patch + URL: http://www.darwinsys.com/file/ Requires: file-libs = %{version}-%{release} BuildRequires: zlib-devel @@ -185,6 +188,9 @@ cd %{py3dir} %endif %changelog +* Fri Sep 08 2017 Kamil Dudka - 5.31-10 +- fix a possible stack based buffer overflow (CVE-2017-1000249) + * Fri Aug 18 2017 Marek Cermak - 5.31-9 - Ruby script recognition and classification (#1050897)