[sflack-security] file [and bin package] (SFSA:2007-093-01)

[sflack-security]  file [and bin package] (SFSA:2007-093-01)

New file packages are available for Sflack 11.0, and -current
to fix a security issue.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:


Here are the details from the Sflack 11.0 ChangeLog:
Upgraded to file-4.20.
This fixes a heap overflow that could allow code to be executed as the
user running file (note that there are many scenarios where file might be
used automatically, such as in virus scanners or spam filters).
For more information, see:
(* Security fix *)

Where to find the new packages:

See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.

Updated package for Sflack 11.0:

Updated package for Sflack -current:

MD5 signatures:

Sflack 11.0 package:
0e97c0e080068bb00a2fed2f638cd408 file-4.20-x86_64-1_sflack11.0.tgz

Sflack -current package:
7757d2406f21fbde431d0502e009272a file-4.20-x86_64-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg --install-new file-4.20-x86_64-1_sflack11.0.tgz


Sflack Linux Security Team
security a sflack.com