heise open - Lücke in Unix-Tool file gefährdet Systemsicherheit

National Vulnerability Database (CVE-2007-2799)

rhn.redhat.com | Red Hat Support

Code:
# rpm -qi --changelog file
Name        : file                         Relocations: (not relocatable)
Version     : 4.17                              Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany
Release     : 27                            Build Date: Fr 25 Mai 2007 17:45:48 CEST
Install Date: Do 07 Jun 2007 01:50:01 CEST      Build Host: lrupp1.suse.de
Group       : Productivity/File utilities   Source RPM: file-4.17-27.src.rpm
Size        : 1580108                          License: Other uncritical OpenSource License
Signature   : DSA/SHA1, Fr 25 Mai 2007 17:51:54 CEST, Key ID a84edae89c800aca
Packager    : Submitting Bug Reports - openSUSE
URL         : The Fine Free File Command
Summary     : A Tool to Determine File Types
Description :
With the file command, you can obtain information on the file type of a
specified file. File type recognition is controlled by the file
/etc/magic, which contains the classification criteria. This command is
used by apsfilter to permit automatic printing of different file types.



Authors:
--------
    Mark Moraes <moraes@deshaw.com>
    Christos Zoulas <christos@deshaw.com>
Distribution: openSUSE 10.2 (i586)
* Do Mai 24 2007 - werner@suse.de
- Fix of the fix for bug #256290 with CVE-2007-2799
Greetz,

RM