Oval Definition:oval:com.redhat.rhsa:def:20070391
Revision Date:2007-05-30Version:636
Title:RHSA-2007:0391: file security update (Moderate)
Description:The file command is used to identify a particular file according to the type of data contained by the file.

  • The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799)

    This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3.

    Users should upgrade to this erratum package, which contain a backported patch to correct this issue.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2007-2799
    RHSA-2007:0391
    RHSA-2007:0391-02
    RHSA-2007:0391-02
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND file is earlier than 0:4.10-3.0.2.el4
  • AND file is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND file is earlier than 0:4.17-9.0.1.el5
  • AND file is signed with Red Hat redhatrelease2 key
  • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 4 is installed
  • AND file is earlier than 0:4.10-3.0.2.el4
  • AND file is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND file is earlier than 0:4.17-9.0.1.el5
  • AND file is signed with Red Hat redhatrelease key
  • BACK