rpms/file/F-7 file-4.21-magic.patch, NONE, 1.1 file-4.21-oracle.patch, NONE, 1.1 .cvsignore, 1.18, 1.19 file.spec, 1.62, 1.63 sources, 1.18, 1.19 file-4.19-magic.patch, 1.2, NONE file-4.19-oracle.patch, 1.1, NONE file-4.20-REG_STARTEND.patch, 1.1, NONE file-4.20-unused.patch, 1.1, NONE

Martin Bacovsky (mbacovsk) fedora-extras-commits at redhat.com
Tue May 29 11:02:43 UTC 2007


Author: mbacovsk

Update of /cvs/pkgs/rpms/file/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11619

Modified Files:
	.cvsignore file.spec sources 
Added Files:
	file-4.21-magic.patch file-4.21-oracle.patch 
Removed Files:
	file-4.19-magic.patch file-4.19-oracle.patch 
	file-4.20-REG_STARTEND.patch file-4.20-unused.patch 
Log Message:
* Tue May 29 2007 Martin Bacovsky <mbacovsk at redhat.com> - 4.21-1
- upgrade to new upstream 4.21
- resolves: #241034: CVE-2007-2799 file integer overflow


file-4.21-magic.patch:

--- NEW FILE file-4.21-magic.patch ---
--- file-4.21/magic/Magdir/revision.magic	2007-04-09 18:33:07.000000000 +0200
+++ file-4.21/magic/Magdir/revision	2007-05-28 21:41:15.000000000 +0200
@@ -4,6 +4,11 @@
 # From Hendrik Scholz <hendrik at scholz.net>
 0	string	/1\ :pserver:	cvs password text file
 
+# Subversion (SVN) dumps
+# Uwe Zeisberger <zeisberg at informatik.uni-freiburg.de>
+0       string  SVN-fs-dump-format-version:     Subversion dumpfile
+>28     string  >\0                             (version: %s)
+
 # Conary changesets
 # From: Jonathan Smith <smithj at rpath.com>
 0	belong	0xea3f81bb	Conary changeset data
--- file-4.21/magic/Magdir/apple.magic	2006-03-02 23:10:26.000000000 +0100
+++ file-4.21/magic/Magdir/apple	2007-05-28 21:33:01.000000000 +0200
@@ -10,6 +10,23 @@
 0	belong		0x00051600		AppleSingle encoded Macintosh file
 0	belong		0x00051607		AppleDouble encoded Macintosh file
 
+# Apple Emulator 2IMG format
+#
+0	string		2IMG		Apple ][ 2IMG Disk Image
+>4	string		XGS!		\b, XGS
+>4	string		CTKG		\b, Catakig
+>4	string		ShIm		\b, Sheppy's ImageMaker
+>4	string		WOOF		\b, Sweet 16
+>4	string		B2TR		\b, Bernie ][ the Rescue
+>4	string		!nfc		\b, ASIMOV2
+>4	string		x		\b, Unknown Format
+>0xc	byte		00		\b, DOS 3.3 sector order
+>>0x10	byte		00		\b, Volume 254
+>>0x10	byte&0x7f	x		\b, Volume %u
+>0xc	byte		01		\b, ProDOS sector order
+>>0x14	short		x		\b, %u Blocks
+>0xc	byte		02		\b, NIB data
+
 # magic for Newton PDA package formats
 # from Ruda Moura <ruda at helllabs.org>
 0	string	package0	Newton package, NOS 1.x,
--- file-4.21/magic/Magdir/images.magic	2007-05-03 17:11:33.000000000 +0200
+++ file-4.21/magic/Magdir/images	2007-05-28 21:33:01.000000000 +0200
@@ -525,6 +525,12 @@
 0	belong	0x0e031301	Hierarchical Data Format (version 4) data
 0	string	\211HDF\r\n\032	Hierarchical Data Format (version 5) data
 
+# The boot loaders syslinux and isolinux use a RLE based image format
+# called SLL16 to store splash screens.
+0	lelong		0x1413f33d	Syslinux SLL16 image data,
+>4	leshort		>0		%hd x
+>6	leshort		>0		%hd
+
 # From: Tobias Burnus <burnus at net-b.de>
 # Xara (for a while: Corel Xara) is a graphic package, see
 # http://www.xara.com/ for Windows and as GPL application for
--- file-4.21/magic/magic.mime.magic	2007-04-03 23:11:32.000000000 +0200
+++ file-4.21/magic/magic.mime	2007-05-28 21:47:26.000000000 +0200
@@ -196,7 +196,7 @@
 # modified by Joerg Jenderek
 # GRR the original test are too common for many DOS files
 # so test 1 <= kbits nibble <= E
-0       beshort		&0xffe0		
+0       beshort&0xfffe  =0xfffa         audio/mpeg
 >2	ubyte&0xF0	>0x0F		
 >>2	ubyte&0xF0	<0xE1		audio/mpeg
 #MP3 with ID3 tag
@@ -402,16 +402,14 @@
 #
 # from Daniel Quinlan <quinlan at yggdrasil.com>
 #
-0	string		\<HEAD	text/html
-0	string		\<head	text/html
-0	string		\<TITLE	text/html
-0	string		\<title	text/html
-0       string          \<html	text/html
-0       string          \<HTML	text/html
+0	string/cB	\<!DOCTYPE\ html	text/html
+0	string/cb	\<head	text/html
+0	string/cb	\<title	text/html
+0       string/bc	\<html	text/html
 0	string		\<!--	text/html
-0	string		\<h1	text/html
-0	string		\<H1	text/html
-0	string/c	\<!doctype\ html	text/html
+0	string/c	\<h1	text/html
+
+0	string		\<?xml			text/xml
 
 #------------------------------------------------------------------------------
 # images:  file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
@@ -474,7 +472,7 @@
 0	beshort		0xffd8		image/jpeg
 
 # PC bitmaps (OS/2, Windoze BMP files)  (Greg Roelofs, newt at uchicago.edu)
-0	string		BM		image/bmp
+0	string		BM		image/x-ms-bmp
 #>14	byte		12		(OS/2 1.x format)
 #>14	byte		64		(OS/2 2.x format)
 #>14	byte		40		(Windows 3.x format)
@@ -939,6 +937,12 @@
 0	string	fLaC		audio/x-flac
 0	string	CWS		application/x-shockwave-flash
 
+
+# Gnumeric spreadsheet
+# This entry is only semi-helpful, as Gnumeric compresses its files, so
+# they will ordinarily reported as "compressed", but at least -z helps
+39      string          =<gmr:Workbook           application/x-gnumeric
+
 # Hangul Document Files:
 # Reversed-engineered HWP magic numbers
 # From: Won-Kyu Park <wkpark at kldp.org>
--- file-4.21/src/fsmagic.c.magic	2007-01-12 18:40:53.000000000 +0100
+++ file-4.21/src/fsmagic.c	2007-05-28 21:33:01.000000000 +0200
@@ -92,7 +92,8 @@
 		if (file_printf(ms, "cannot open `%s' (%s)",
 		    fn, strerror(errno)) == -1)
 			return -1;
-		return 1;
+		ms->haderr++;
+		return -1;
 	}
 
 	if ((ms->flags & MAGIC_MIME) != 0) {

file-4.21-oracle.patch:

--- NEW FILE file-4.21-oracle.patch ---
--- file-4.21/magic/Magdir/filesystems.oracle	2007-05-16 02:02:54.000000000 +0200
+++ file-4.21/magic/Magdir/filesystems	2007-05-28 21:55:58.000000000 +0200
@@ -1197,6 +1197,19 @@
 >>>2         short   2048       AXP generated)
 >>>2         short   4096       I64 generated)
 
+# Oracle Clustered Filesystem - Aaron Botsis <redhat at digitalmafia.org>
+8       string          OracleCFS       Oracle Clustered Filesystem,
+>4      long            x               rev %d
+>0      long            x               \b.%d,
+>560    string          x               label: %.64s,
+>136    string          x               mountpoint: %.128s
+
+# Oracle ASM tagged volume - Aaron Botsis <redhat at digitalmafia.org>
+32      string          ORCLDISK        Oracle ASM Volume,
+>40     string          x               Disk Name: %0.12s
+32      string          ORCLCLRD        Oracle ASM Volume (cleared),
+>40     string          x               Disk Name: %0.12s
+
 # Compaq/HP RILOE floppy image
 # From: Dirk Jagdmann <doj at cubic.org>
 0	string	CPQRFBLO	Compaq/HP RILOE floppy image


Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/file/F-7/.cvsignore,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- .cvsignore	7 Mar 2007 11:02:56 -0000	1.18
+++ .cvsignore	29 May 2007 11:02:05 -0000	1.19
@@ -1 +1 @@
-file-4.20.tar.gz
+file-4.21.tar.gz


Index: file.spec
===================================================================
RCS file: /cvs/pkgs/rpms/file/F-7/file.spec,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- file.spec	12 Mar 2007 12:19:54 -0000	1.62
+++ file.spec	29 May 2007 11:02:05 -0000	1.63
@@ -2,7 +2,7 @@
 
 Summary: A utility for determining file types
 Name: file
-Version: 4.20
+Version: 4.21
 Release: 1%{?dist}
 License: Distributable
 Group: Applications/File
@@ -10,19 +10,17 @@
 URL:	http://www.darwinsys.com/file/
 Patch1: file-4.19-debian.patch
 Patch2: file-selinux.patch
-Patch3: file-4.19-magic.patch
+Patch3: file-4.21-magic.patch
 Patch5: file-4.13-fsdump.patch
 Patch6: file-4.13-quick.patch
 Patch8: file-4.15-berkeley.patch
 Patch12: file-4.16-xen.patch
-Patch16: file-4.19-oracle.patch
+Patch16: file-4.21-oracle.patch
 Patch17: file-4.17-clamav.patch
 Patch18: file-4.17-powerpoint.patch
 Patch20: file-4.17-bash.patch
 Patch21: file-4.19-ELF.patch
 Patch22: file-4.19-ooffice.patch
-Patch23: file-4.20-REG_STARTEND.patch
-Patch24: file-4.20-unused.patch
 
 Requires: file-libs = %{version}
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -66,12 +64,9 @@
 %patch16 -p1 -b .oracle
 %patch17 -p1 -b .clamav
 %patch18 -p1 -b .powerpoint
-#%patch19 -p1 -b .empty
 %patch20 -p1 -b .bash
 %patch21 -p1 -b .ELF
 %patch22 -p1 -b .ooffice
-%patch23 -p1 -b .REG_STARTEND
-%patch24 -p1 -b .unused
 
 iconv -f iso-8859-1 -t utf-8 < doc/libmagic.man > doc/libmagic.man_
 mv doc/libmagic.man_ doc/libmagic.man
@@ -129,6 +124,10 @@
 
 
 %changelog
+* Tue May 29 2007 Martin Bacovsky <mbacovsk at redhat.com> - 4.21-1
+- upgrade to new upstream 4.21
+- resolves: #241034: CVE-2007-2799 file integer overflow
+
 * Wed Mar  7 2007 Martin Bacovsky <mbacovsk at redhat.com> - 4.20-1
 - upgrade to new upstream 4.20
 


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/file/F-7/sources,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- sources	7 Mar 2007 11:02:56 -0000	1.18
+++ sources	29 May 2007 11:02:05 -0000	1.19
@@ -1 +1 @@
-402bdb26356791bd5d277099adacc006  file-4.20.tar.gz
+9e3503116f4269a1be70220ee2234b0e  file-4.21.tar.gz


--- file-4.19-magic.patch DELETED ---


--- file-4.19-oracle.patch DELETED ---


--- file-4.20-REG_STARTEND.patch DELETED ---


--- file-4.20-unused.patch DELETED ---




More information about the fedora-extras-commits mailing list