Synopsis: Moderate: file security, bug fix, and enhancement update Advisory ID: SLSA-2016:0760-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2014-3587 CVE-2014-3538 CVE-2014-3710 CVE-2014-8116 CVE-2014-8117 CVE-2014-9653 CVE-2014-9620 -- Security Fix(es): * Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) * A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) * Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653) -- SL6 x86_64 file-5.04-30.el6.x86_64.rpm file-debuginfo-5.04-30.el6.i686.rpm file-debuginfo-5.04-30.el6.x86_64.rpm file-libs-5.04-30.el6.i686.rpm file-libs-5.04-30.el6.x86_64.rpm python-magic-5.04-30.el6.x86_64.rpm file-devel-5.04-30.el6.i686.rpm file-devel-5.04-30.el6.x86_64.rpm file-static-5.04-30.el6.x86_64.rpm i386 file-5.04-30.el6.i686.rpm file-debuginfo-5.04-30.el6.i686.rpm file-libs-5.04-30.el6.i686.rpm python-magic-5.04-30.el6.i686.rpm file-devel-5.04-30.el6.i686.rpm file-static-5.04-30.el6.i686.rpm - Scientific Linux Development Team