ELSA-2016-0760

Описание

[5.04-30]

• fix CVE-2014-3538 (unrestricted regular expression matching)

[5.04-29]

• fix #1284826 - try to read ELF header to detect corrupted one

[5.04-28]

• fix #1263987 - fix bugs found by coverity in the patch

[5.04-27]

• fix CVE-2014-3587 (incomplete fix for CVE-2012-1571)
• fix CVE-2014-3710 (out-of-bounds read in elf note headers)
• fix CVE-2014-8116 (multiple DoS issues (resource consumption))
• fix CVE-2014-8117 (denial of service issue (resource consumption))
• fix CVE-2014-9620 (limit the number of ELF notes processed)
• fix CVE-2014-9653 (malformed elf file causes access to uninitialized memory)

[5.04-26]

• fix #809898 - add support for detection of Python 2.7 byte-compiled files

[5.04-25]

• fix #1263987 - fix coredump execfn detection on ppc64 and s390

[5.04-24]

• fix #966953 - include msooxml file in magic.mgc generation

[5.04-23]

• fix #966953 - increate the strength of MSOOXML magic patterns

[5.04-22]

• fix #1169509 - add support for Java 1.7 and 1.8
• fix #1243650 - comment out too-sensitive Pascal magic
• fix #1080453 - remove .orig files from magic directory
• fix #1161058 - add support for EPUB
• fix #1162149 - remove parts of patches patching .orig files
• fix #1154802 - fix detection of zip files containing file named 'mime'
• fix #1246073 - fix detection UTF8 and UTF16 encoded XML files
• fix #1263987 - add new 'execfn' to coredump output to show the real name of executable which generated the coredump
• fix #809898 - add support for detection of Python 3.2-3.5 byte-compiled files
• fix #966953 - backport support for MSOOXML