Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2007:0124 - Security Advisory
Issued:
2007-03-23
Updated:
2007-03-23

RHSA-2007:0124 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: file security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An updated file package that fixes a security flaw is now available for Red
Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The file command is used to identify a particular file according to the
type of data contained by the file.

An integer underflow flaw was found in the file utility. An attacker could
create a carefully crafted file which, if examined by a victim using the
file utility, could lead to arbitrary code execution. (CVE-2007-1536)

This issue did not affect the version of the file utility distributed with
Red Hat Enterprise Linux 2.1 or 3.

Users should upgrade to this erratum package, which contain a backported
patch to correct this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 233161 - CVE-2007-1536 file 4.20 fixes a heap overflow in that can result in arbitrary code execution
  • BZ - 233337 - CVE-2007-1536 file 4.20 fixes a heap overflow in that can result in arbitrary code execution

CVEs

  • CVE-2007-1536

References

  • http://www.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
x86_64
file-4.17-9.el5.x86_64.rpm SHA-256: 91d3ee3623e19384bf5467c5d06223d395dd702cfc958fcd5d914dbf5b027c3f
ia64
file-4.17-9.el5.ia64.rpm SHA-256: 2970c721664653e230970b87ea97d8271ae43c854a411c547dad1c8de9c3bd46
i386
file-4.17-9.el5.i386.rpm SHA-256: dd071d4cb5ecc7771b88097d5d6ae154e9590cb18e0d0612f16cab87a01890a4

Red Hat Enterprise Linux Server 4

SRPM
file-4.10-3.EL4.5.src.rpm SHA-256: ab789744b72c666adc7acf585d70bf50750a1cd1e3dd4c308e0daff3a02f7279
x86_64
file-4.10-3.EL4.5.x86_64.rpm SHA-256: 139e8de822bd36fb21eb346cff69bf352786765abcd84336eb79bb6dd38b7b78
file-4.10-3.EL4.5.x86_64.rpm SHA-256: 139e8de822bd36fb21eb346cff69bf352786765abcd84336eb79bb6dd38b7b78
ia64
file-4.10-3.EL4.5.ia64.rpm SHA-256: 61ea7ddd8375199f1e11eb7a9a4658325923a2a0c4fefeb74c7d9895e1816be8
file-4.10-3.EL4.5.ia64.rpm SHA-256: 61ea7ddd8375199f1e11eb7a9a4658325923a2a0c4fefeb74c7d9895e1816be8
i386
file-4.10-3.EL4.5.i386.rpm SHA-256: ad9322175c92f25c7d7b2a75c87b0b9ba940d9834a91638db06c849de9ba2048
file-4.10-3.EL4.5.i386.rpm SHA-256: ad9322175c92f25c7d7b2a75c87b0b9ba940d9834a91638db06c849de9ba2048

Red Hat Enterprise Linux Workstation 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
x86_64
file-4.17-9.el5.x86_64.rpm SHA-256: 91d3ee3623e19384bf5467c5d06223d395dd702cfc958fcd5d914dbf5b027c3f
i386
file-4.17-9.el5.i386.rpm SHA-256: dd071d4cb5ecc7771b88097d5d6ae154e9590cb18e0d0612f16cab87a01890a4

Red Hat Enterprise Linux Workstation 4

SRPM
file-4.10-3.EL4.5.src.rpm SHA-256: ab789744b72c666adc7acf585d70bf50750a1cd1e3dd4c308e0daff3a02f7279
x86_64
file-4.10-3.EL4.5.x86_64.rpm SHA-256: 139e8de822bd36fb21eb346cff69bf352786765abcd84336eb79bb6dd38b7b78
ia64
file-4.10-3.EL4.5.ia64.rpm SHA-256: 61ea7ddd8375199f1e11eb7a9a4658325923a2a0c4fefeb74c7d9895e1816be8
i386
file-4.10-3.EL4.5.i386.rpm SHA-256: ad9322175c92f25c7d7b2a75c87b0b9ba940d9834a91638db06c849de9ba2048

Red Hat Enterprise Linux Desktop 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
x86_64
file-4.17-9.el5.x86_64.rpm SHA-256: 91d3ee3623e19384bf5467c5d06223d395dd702cfc958fcd5d914dbf5b027c3f
i386
file-4.17-9.el5.i386.rpm SHA-256: dd071d4cb5ecc7771b88097d5d6ae154e9590cb18e0d0612f16cab87a01890a4

Red Hat Enterprise Linux Desktop 4

SRPM
file-4.10-3.EL4.5.src.rpm SHA-256: ab789744b72c666adc7acf585d70bf50750a1cd1e3dd4c308e0daff3a02f7279
x86_64
file-4.10-3.EL4.5.x86_64.rpm SHA-256: 139e8de822bd36fb21eb346cff69bf352786765abcd84336eb79bb6dd38b7b78
i386
file-4.10-3.EL4.5.i386.rpm SHA-256: ad9322175c92f25c7d7b2a75c87b0b9ba940d9834a91638db06c849de9ba2048

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
s390x
file-4.17-9.el5.s390x.rpm SHA-256: aa07ea971d42e8b784e5699362d35630d7ab90d65f114742697fece80882e3f3

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
file-4.10-3.EL4.5.src.rpm SHA-256: ab789744b72c666adc7acf585d70bf50750a1cd1e3dd4c308e0daff3a02f7279
s390x
file-4.10-3.EL4.5.s390x.rpm SHA-256: 98249160c34337ec15b3a51a17edd46e0fbdb03656ae326eb0a3dd4351078268
s390
file-4.10-3.EL4.5.s390.rpm SHA-256: c905cf5c61ec8a6c1f0dea4cdfa982a7c662398f455a846a94f010d70af8ce65

Red Hat Enterprise Linux for Power, big endian 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
ppc
file-4.17-9.el5.ppc.rpm SHA-256: 864e2287dac8f82ed0b22c236788d737e483a7f2972b33d876bc6ae48bf45621

Red Hat Enterprise Linux for Power, big endian 4

SRPM
file-4.10-3.EL4.5.src.rpm SHA-256: ab789744b72c666adc7acf585d70bf50750a1cd1e3dd4c308e0daff3a02f7279
ppc
file-4.10-3.EL4.5.ppc.rpm SHA-256: 560639049ca33c268748da138ff74294183568cd2f74d998cf1c9422b1e67533

Red Hat Enterprise Linux Server from RHUI 5

SRPM
file-4.17-9.el5.src.rpm SHA-256: b916a12ad662a2b586b5bdddad99c77fae67d96c6736a19470870dd6cb8e5399
x86_64
file-4.17-9.el5.x86_64.rpm SHA-256: 91d3ee3623e19384bf5467c5d06223d395dd702cfc958fcd5d914dbf5b027c3f
i386
file-4.17-9.el5.i386.rpm SHA-256: dd071d4cb5ecc7771b88097d5d6ae154e9590cb18e0d0612f16cab87a01890a4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility