Univention Bugzilla – Bug 34135
file: Multiple issues (3.2)
Last modified: 2015-09-09 11:31:13 CEST
+++ This bug was initially created as a clone of Bug #34134 +++ CVE-2014-1943 Incorrect handling of indirect rules in libmagic may lead to an infinite loop, resulting in denial of service
Denial of service in libmagic (CVE-2014-2270)
CVE-2013-7345: Denial of service in magic for awk scripts
Buffer overflow in CDF module (CVE-2014-3487, CVE-2014-3479, CVE-2014-3480, CVE-2014-0207) Incorrect string size calculation in the softmagic module (CVE-2014-3478)
Buffer overflow in CDF parsing (CVE-2014-3587)
Out of bounds reads when parsing ELF section headers (CVE-2014-3710)
Denial of service issues in the ELF parser (CVE-2014-8116, CVE-2014-8117)
Denial of service when processing malformed ELF files (CVE-2014-9653)
Fixed in upstream Debian package version 5.04-5+squeeze10
5.04-5+squeeze10 has been imported and build. It also fixes * Performance degradation (CVE-2014-0237) * Infinite loop or out-of-bounds memory access (CVE-2014-0238) * CPU consumption (CVE-2014-3538) YAML: 2015-08-29-acpi-support.yaml
OK - version 5.04-5+squeeze10 built in errata3.2-7 OK - CVE's OK - YAML
<http://errata.software-univention.de/ucs/3.2/366.html>