Univention Bugzilla – Full Text Bug Listing |
Summary: | file: Multiple issues (3.2) | ||
---|---|---|---|
Product: | UCS | Reporter: | Moritz Muehlenhoff <jmm> |
Component: | Security updates | Assignee: | Stefan Gohmann <gohmann> |
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
Severity: | normal | ||
Priority: | P3 | CC: | gohmann, requate, walkenhorst |
Version: | UCS 3.0 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 3.2-7-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Moritz Muehlenhoff
2014-02-17 08:45:30 CET
Denial of service in libmagic (CVE-2014-2270) CVE-2013-7345: Denial of service in magic for awk scripts Buffer overflow in CDF module (CVE-2014-3487, CVE-2014-3479, CVE-2014-3480, CVE-2014-0207) Incorrect string size calculation in the softmagic module (CVE-2014-3478) Buffer overflow in CDF parsing (CVE-2014-3587) Out of bounds reads when parsing ELF section headers (CVE-2014-3710) Denial of service issues in the ELF parser (CVE-2014-8116, CVE-2014-8117) Denial of service when processing malformed ELF files (CVE-2014-9653) Fixed in upstream Debian package version 5.04-5+squeeze10 5.04-5+squeeze10 has been imported and build. It also fixes * Performance degradation (CVE-2014-0237) * Infinite loop or out-of-bounds memory access (CVE-2014-0238) * CPU consumption (CVE-2014-3538) YAML: 2015-08-29-acpi-support.yaml OK - version 5.04-5+squeeze10 built in errata3.2-7 OK - CVE's OK - YAML |