ELSA-2015-2155

Published: 23 Nov 2015
Source: oracle-oval
Platform: Oracle Linux 7

Description

ELSA-2015-2155: file security and bug fix update (MODERATE)

[5.11-31]

  • fix #1255396 - Make the build ID output consistent with other tools

[5.11-30]

  • fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048

[5.11-29]

  • fix #839229 - fix detection of version of XML files

[5.11-28]

  • fix #839229 - fix detection of version of XML files

[5.11-27]

  • fix CVE-2014-0207 - cdf_read_short_sector insufficient boundary check
  • fix CVE-2014-0237 - cdf_unpack_summary_info() excessive looping DoS
  • fix CVE-2014-0238 - CDF property info parsing nelements infinite loop
  • fix CVE-2014-3478 - mconvert incorrect handling of truncated pascal string
  • fix CVE-2014-3479 - fix extensive backtracking in regular expression
  • fix CVE-2014-3480 - cdf_count_chain insufficient boundary check
  • fix CVE-2014-3487 - cdf_read_property_info insufficient boundary check
  • fix CVE-2014-3538 - unrestricted regular expression matching
  • fix CVE-2014-3587 - fix cdf_read_property_info
  • fix CVE-2014-3710 - out-of-bounds read in elf note headers
  • fix CVE-2014-8116 - multiple denial of service issues (resource consumption)
  • fix CVE-2014-8117 - denial of service issue (resource consumption)
  • fix CVE-2014-9652 - out of bounds read in mconvert()
  • fix CVE-2014-9653 - malformed elf file causes access to uninitialized memory

[5.11-26]

  • fix #1080452 - remove .orig files from magic directory

[5.11-25]

  • fix #1224667, #1224668 - show additional info for Linux swap files

[5.11-24]

  • fix #1064268 - fix stray return -1

[5.11-23]

  • fix #1094648 - improve Minix detection pattern to fix false positives
  • fix #1161912 - trim white-spaces during ISO9660 detection
  • fix #1157850 - fix detection of ppc64le ELF binaries
  • fix #1161911 - display 'from' field on 32bit ppc core
  • fix #1064167 - revert MAXMIME patch
  • fix #1064268 - detect Dwarf debuginfo as 'not stripped'
  • fix #1082689 - fix invalid read when matched pattern is the last one tried
  • fix #1080362 - remove deadcode and OFFSET_OOB redefinition

[5.11-22]

  • fix #1067688 - add support for aarch64 ELF binaries

Related vulnerabilities

fstec
about 11 years ago

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the availability of protected information

ubuntu
about 11 years ago

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

redhat
about 11 years ago

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

nvd
about 11 years ago

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

debian
about 11 years ago

The cdf_unpack_summary_info function in cdf.c in the Fileinfo componen ...