Security Advisory Moderate: file security update

Advisory: RHSA-2007:0124-2
Type: Security Advisory
Severity: Moderate
Issued on: 2007-03-23
Last updated on: 2007-03-23
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20070124.xml
CVEs (cve.mitre.org): CVE-2007-1536

Details

An updated file package that fixes a security flaw is now available for Red
Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The file command is used to identify a particular file according to the
type of data contained by the file.

An integer underflow flaw was found in the file utility. An attacker could
create a carefully crafted file which, if examined by a victim using the
file utility, could lead to arbitrary code execution. (CVE-2007-1536)

This issue did not affect the version of the file utility distributed with
Red Hat Enterprise Linux 2.1 or 3.

Users should upgrade to this erratum package, which contain a backported
patch to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
file-4.10-3.EL4.5.src.rpm
File outdated by:  RHBA-2007:1098		     c8528fe4a34f010c709d5f9dc93b73a5
 
IA-32:
file-4.10-3.EL4.5.i386.rpm
File outdated by:  RHBA-2007:1098		     2148dbe144b2c050a5aa94559f3a1fe1
 
x86_64:
file-4.10-3.EL4.5.x86_64.rpm
File outdated by:  RHBA-2007:1098		     ca289eace58ff0886e6fc40f55b7d03e
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
file-4.17-9.el5.src.rpm
File outdated by:  RHBA-2008:0308		     565e3adeb330d941e62779e973043c8a
 
IA-32:
file-4.17-9.el5.i386.rpm
File outdated by:  RHBA-2008:0308		     d044793730b6eb50f99f89e250ff1f68
 
IA-64:
file-4.17-9.el5.ia64.rpm
File outdated by:  RHBA-2008:0308		     ec120e826901810a56d962483b02612a
 
PPC:
file-4.17-9.el5.ppc.rpm
File outdated by:  RHBA-2008:0308		     9fe5754f3933494b9c973e30d570ff77
 
s390x:
file-4.17-9.el5.s390x.rpm
File outdated by:  RHBA-2008:0308		     798d452831a511b2145aeb4ab21b66d3
 
x86_64:
file-4.17-9.el5.x86_64.rpm
File outdated by:  RHBA-2008:0308		     7d76d229b35d23af0ab593322c49c1b6
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
file-4.10-3.EL4.5.src.rpm
File outdated by:  RHBA-2007:1098		     c8528fe4a34f010c709d5f9dc93b73a5
 
IA-32:
file-4.10-3.EL4.5.i386.rpm
File outdated by:  RHBA-2007:1098		     2148dbe144b2c050a5aa94559f3a1fe1
 
IA-64:
file-4.10-3.EL4.5.ia64.rpm
File outdated by:  RHBA-2007:1098		     4213f7d5e2c136a3bebc008f43f9b9cb
 
PPC:
file-4.10-3.EL4.5.ppc.rpm
File outdated by:  RHBA-2007:1098		     4ff799e23850ad56b777c3213b5897b3
 
s390:
file-4.10-3.EL4.5.s390.rpm
File outdated by:  RHBA-2007:1098		     947e89850ecd9f3e218a86b31060bbff
 
s390x:
file-4.10-3.EL4.5.s390x.rpm
File outdated by:  RHBA-2007:1098		     238b84277df82e589e2da1c080390391
 
x86_64:
file-4.10-3.EL4.5.x86_64.rpm
File outdated by:  RHBA-2007:1098		     ca289eace58ff0886e6fc40f55b7d03e
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
file-4.17-9.el5.src.rpm
File outdated by:  RHBA-2008:0308		     565e3adeb330d941e62779e973043c8a
 
IA-32:
file-4.17-9.el5.i386.rpm
File outdated by:  RHBA-2008:0308		     d044793730b6eb50f99f89e250ff1f68
 
x86_64:
file-4.17-9.el5.x86_64.rpm
File outdated by:  RHBA-2008:0308		     7d76d229b35d23af0ab593322c49c1b6
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
file-4.10-3.EL4.5.src.rpm
File outdated by:  RHBA-2007:1098		     c8528fe4a34f010c709d5f9dc93b73a5
 
IA-32:
file-4.10-3.EL4.5.i386.rpm
File outdated by:  RHBA-2007:1098		     2148dbe144b2c050a5aa94559f3a1fe1
 
IA-64:
file-4.10-3.EL4.5.ia64.rpm
File outdated by:  RHBA-2007:1098		     4213f7d5e2c136a3bebc008f43f9b9cb
 
x86_64:
file-4.10-3.EL4.5.x86_64.rpm
File outdated by:  RHBA-2007:1098		     ca289eace58ff0886e6fc40f55b7d03e
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
file-4.10-3.EL4.5.src.rpm
File outdated by:  RHBA-2007:1098		     c8528fe4a34f010c709d5f9dc93b73a5
 
IA-32:
file-4.10-3.EL4.5.i386.rpm
File outdated by:  RHBA-2007:1098		     2148dbe144b2c050a5aa94559f3a1fe1
 
IA-64:
file-4.10-3.EL4.5.ia64.rpm
File outdated by:  RHBA-2007:1098		     4213f7d5e2c136a3bebc008f43f9b9cb
 
x86_64:
file-4.10-3.EL4.5.x86_64.rpm
File outdated by:  RHBA-2007:1098		     ca289eace58ff0886e6fc40f55b7d03e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

233161 - CVE-2007-1536 file 4.20 fixes a heap overflow in that can result in arbitrary code execution
233337 - CVE-2007-1536 file 4.20 fixes a heap overflow in that can result in arbitrary code execution


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/