| Package | file |
|---|---|
| Version | 5.11-2+deb7u11 |
| Related CVEs | CVE-2019-18218 |
An issue has been found in file, a tool to determine file types by using magic numbers.
The number of CDF_VECTOR elements had to be restricted in order to prevent a heap-based buffer overflow (4-byte out-of-bounds write).
For Debian 7 Wheezy, these problems have been fixed in version 5.11-2+deb7u11.
We recommend that you upgrade your file packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.