Debian 9844 Published by

Updated file packages has been released for Debian GNU/Linux 7 Extended LTS to fix a security issue where remote attackers can cause a denial of service via crafted ELF file



Package file
Version 5.11-2+deb7u10
Related CVE CVE-2018-10360
do_core_note() in readelf.c allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

For Debian 7 Wheezy, these problems have been fixed in version 5.11-2+deb7u10.

We recommend that you upgrade your file packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/