Subject: CVS commit: pkgsrc/sysutils/file
From: Benny Siegert
Date: 2018-06-30 11:27:03
Message id: 20180630092703.34563FBEC@cvs.NetBSD.org

Log Message:
Patch file for CVE-2018-10360.

Patch from Matthias Ferdinand on pkgsrc-users.

The do_core_note function in readelf.c in libmagic.a in file
5.33 allows remote attackers to cause a denial of service
(out-of-bounds read and application crash) via a crafted ELF
file.

Files:
RevisionActionfile
1.42modifypkgsrc/sysutils/file/Makefile
1.31modifypkgsrc/sysutils/file/distinfo
1.1addpkgsrc/sysutils/file/patches/patch-src_readelf.c