A bug reported to Debian [1] affects file 5.x, which is only available in the forthcoming Fedora 11. When running file on an MSI file, file crashes. The following link causes a crash with file 5.x:
http://www.python.org/ftp/python/2.6.2/python-2.6.2.msi
Tested with file 4.x on Fedora 10, RHEL5, and RHEL4 and the file is properly identified.
    % file python-2.6.2.msi
    *** glibc detected *** file: munmap_chunk(): invalid pointer: 0x0000000001a8cf50 ***
There is currently no patch to correct the issue that I can find.
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820
Hello, I have reported the issue to file upstream.
Secunia has issued an advisory about this: http://secunia.com/advisories/34881/
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-1515 to the following vulnerability:
    Name: CVE-2009-1515
    URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515
    Assigned: 20090504
    Reference: MISC: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515603
    Reference: MISC: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820
    Reference: CONFIRM: ftp://ftp.astron.com/pub/file/file-5.01.tar.gz
    Reference: BID:34745
    Reference: URL: http://www.securityfocus.com/bid/34745
    Reference: OSVDB:54100
    Reference: URL: http://www.osvdb.org/54100
    Reference: SECUNIA:34881
    Reference: URL: http://secunia.com/advisories/34881
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information.
Despite the allusion to it above, file 5.01 does *not* fix what the python.msi file breaks.
file 5.02, which was released today, corrects the issue:
    ~/Download/tmp/file-5.02/src/ >% ./file --magic=../magic/magic.mgc ~/Desktop/python-2.6.2.msi
    /home/vdanen/Desktop/python-2.6.2.msi: CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Title: Installation Database, Subject: Python 2.6.2, Author: Python Software Foundation, Template: Intel;1033, Revision Number: {7D2E52BC-98BB-493F-BC14-CFF942D2FB84}, Number of Words: 2, Number of Pages: 200, Name of Creating Application: Python MSI Library
    ~/Download/tmp/file-5.02/src/ >% ./file --magic=../magic/magic.mgc --version
    lt-file-5.02
    magic file from ../magic/magic.mgc
Hello, I updated to 5.02 in rawhide (F12). F11 has a development freeze right now, so I cannot put the new version there...
Hi, Daniel. I just got the go-ahead from Jesse so you can push this for F11 despite the freeze. If you could do that, that would be fantastic. Thanks!
OK, built and filed a ticket in releng trac ( https://fedorahosted.org/rel-eng/ticket/1740 )
file-5.02-1.fc11 was successfully tagged into f11-final
Sorry, Daniel, but 5.03 is out now with more CDF-related security fixes: http://mx.gw.com/pipermail/file/2009/000383.html There is no CVE name as of yet.
(In reply to comment #9)
> Sorry, Daniel, but 5.03 is out now with more CDF-related security fixes:
OK, requested dist-f11 tag https://fedorahosted.org/rel-eng/ticket/1785 (F12 already done yesterday)
file-5.03-1.fc11 successfully tagged into f11-final