Ubuntu has issued an advisory on September 12: https://ubuntu.com/security/notices/USN-6359-1
CC: (none) => nicolas.salgueroSource RPM: (none) => file-5.39-4.mga8.src.rpm
Another for M8. We have had 5.41 since Oct 19 2021. How come the SRPM version here cites only 5.39? Stig seems to be the main new version committer.
Assignee: bugsquad => smelrorStatus comment: (none) => Fixed 5.41
Suggested advisory: ======================== The updated packages fix a security vulnerability: File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. (CVE-2022-48554) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554 https://ubuntu.com/security/notices/USN-6359-1 ======================== Updated packages in core/updates_testing: ======================== file-5.39-4.1.mga8 lib(64)magic1-5.39-4.1.mga8 lib(64)magic-devel-5.39-4.1.mga8 lib(64)magic-static-devel-5.39-4.1.mga8 python3-file-magic-5.39-4.1.mga8 from SRPM: file-5.39-4.1.mga8.src.rpm
Assignee: smelror => nicolas.salgueroStatus: NEW => ASSIGNEDStatus comment: Fixed 5.41 => (none)
Assignee: nicolas.salguero => qa-bugs
CC: (none) => mageia
MGA8-64 Xfce on Acer Aspire 5253 No installation issues Ref bug 25615 Comment 8 for testing - tx Len $ file -C generated a magic.mgc file. $ file magic.mgc magic.mgc: magic binary file for file(1) cmd (version 16) (little endian) Exclude ASCII text files: $ file -e ascii * $ file -e ascii * Desktop: directory Documents: directory Downloads: directory magic.mgc: magic binary file for file(1) cmd (version 16) (little endian) MC-Projects: directory mime: data Music: directory node_modules: directory package.json: JSON data package-lock.json: JSON data Pictures: directory qa-testing: directory Templates: directory thinclient_drives: sticky, directory tmp: directory traces: directory Videos: directory Continuing......
CC: (none) => herman.viaene
$ cd Documents/ $ file -e ascii * handleidingVM.pdf: PDF document, version 1.6 Helloworldnojfx.class: compiled Java class data, version 55.0 Helloworldnojfx.java: data HLN_MSAS07_18LACM.pdf: PDF document, version 1.6 (password protected) indent.c: data iphone-7-leaked-2017-ringtone-852 (1).mp4: ISO Media, MP4 Base Media v1 [IS0 14496-12:2003] Kelly.pcl: HP Printer Job Language data main.js: data sample-3.rar: RAR archive data, v4, os: Unix sample.pcl: data test_0.bin: data test_1.bin: data test_2.bin: data test_3.bin: data test_4.bin: data test_5.bin: data test_6.bin: data test_7.bin: data test_8.bin: data test_9.bin: data testcindentform.c: data test.pdf: PDF document, version 1.3 testpoppler-1_1.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 95x96, segment length 16, progressive, precision 8, 860x48, components 3 testpoppler-3_1.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 705x570, components 3 testpoppler-5_1.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 92x91, segment length 16, progressive, precision 8, 1600x900, components 3 testpoppler-6_1.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1269x377, components 3 testpoppler-6_2.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 735x568, components 3 testpoppler-7_1.jpg: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1285x621, components 3 testpoppler.html: data testpoppler_ind.html: data testpopplers.html: data test.rar: RAR archive data, v5 test.sha256: data VM.txt: data volkstuintjes: directory [tester8@mach7 Documents]$ file -e ascii * | grep ASCII no feedback, which is correct $ file -d * produces too much info $ cd Pictures/1981\ Shelton/ $ file --extension * | egrep "jpg|png" shelt0001.jpeg: jpeg/jpg/jpe/jfif shelt0002.jpeg: jpeg/jpg/jpe/jfif shelt0003.jpeg: jpeg/jpg/jpe/jfif shelt0004.jpeg: jpeg/jpg/jpe/jfif shelt0005.jpeg: jpeg/jpg/jpe/jfif shelt0006.jpeg: jpeg/jpg/jpe/jfif shelt0007.jpeg: jpeg/jpg/jpe/jfif shelt0008.jpeg: jpeg/jpg/jpe/jfif shelt0009.jpeg: jpeg/jpg/jpe/jfif $ cd [tester8@mach7 ~]$ file -e elf /usr/bin/file /usr/bin/file: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) $ file /mnt/video2/12de\ man/12demandeel1.avi /mnt/video2/12de man/12demandeel1.avi: RIFF (little-endian) data, AVI, 720 x 576, 25.00 fps, video:, audio: uncompressed PCM (stereo, 48000 Hz) # file -s /dev/sda* /dev/sda: DOS/MBR boot sector; GRand Unified Bootloader, stage1 version 0x3, stage2 address 0x2000, stage2 segment 0x200 /dev/sda1: Linux rev 1.0 ext4 filesystem data, UUID=3c3d9634-3ab2-48b7-84ec-60a198745601 (needs journal recovery) (extents) (64bit) (large files) (huge files) /dev/sda2: DOS/MBR boot sector; partition 1 : ID=0x82, start-CHS (0x3ff,254,63), end-CHS (0x3ff,254,63), startsector 26, 8174980 sectors; partition 2 : ID=0x5, start-CHS (0x3ff,254,63), end-CHS (0x3ff,254,63), startsector 8175642, 380836254 sectors, extended partition table /dev/sda5: Linux swap file, 4k page size, little endian, version 1, size 1021871 pages, 0 bad pages, no label, UUID=db67c0c2-e821-47a6-b514-8064b4c7e456 /dev/sda6: Linux rev 1.0 ext4 filesystem data, UUID=0631c6c5-1e0e-4daf-81a1-3f63f136a092 (needs journal recovery) (extents) (64bit) (large files) (huge files) /dev/sda7: Linux rev 1.0 ext4 filesystem data, UUID=1222dd2c-79db-496a-9fa4-eb0cab365ff3, volume name "m7mach8" (needs journal recovery) (extents) (64bit) (large files) (huge files) All seems correct, good to go.
Whiteboard: (none) => MGA8-64-OK
Validating. Advisory in comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0268.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED