First published: Thu Jun 28 2018(Updated: )
USN-3686-1 fixed a vulnerability in file. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that file incorrectly handled certain magic files. An attacker could use this issue with a specially crafted magic file to cause a denial of service, or possibly execute arbitrary code. (CVE-2015-8865) It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service. (CVE-2018-10360)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libmagic1 | <5.09-2ubuntu0.7 | 5.09-2ubuntu0.7 |
=12.04 | ||
All of | ||
ubuntu/file | <5.09-2ubuntu0.7 | 5.09-2ubuntu0.7 |
=12.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of USN-3686-2 is not specified in the provided information.
The vulnerability ID for this update is CVE-2015-8865 and CVE-2018-10360.
The affected software is libmagic1 version 5.09-2ubuntu0.7 and file version 5.09-2ubuntu0.7 on Ubuntu 12.04.
To fix the vulnerability in libmagic1, update to version 5.09-2ubuntu0.7.
To fix the vulnerability in file, update to version 5.09-2ubuntu0.7.