Red Hat Product Errata RHSA-2020:1022 - Security Advisory

Issued:: 2020-03-31
Updated:: 2020-03-31

RHSA-2020:1022 - Security Advisory

Overview
Updated Packages

Synopsis

Low: file security update

Type/Severity

Security Advisory: Low

Topic

An update for file is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.

Security Fix(es):

file: out-of-bounds read via a crafted ELF file (CVE-2018-10360)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 1590000 - CVE-2018-10360 file: out-of-bounds read via a crafted ELF file

CVEs

CVE-2018-10360

References

https://access.redhat.com/security/updates/classification/#low

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
x86_64
file-5.11-36.el7.x86_64.rpm	SHA-256: 9ff8db9950ad08ed4c186b911125b12a341e5cc7fd4a510002b6a13eb4b299d6
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-devel-5.11-36.el7.i686.rpm	SHA-256: a08292964e34d4738d9b0aa11e4373237365f8dcca582328ec2eacf0a357e41e
file-devel-5.11-36.el7.x86_64.rpm	SHA-256: 5f1015f745e88cb475bfe264a0f7ec29a307ad5f4bedc31bc275373e1be0b615
file-libs-5.11-36.el7.i686.rpm	SHA-256: f3847913c7011b8ffa2354bfb295f574c220b589a2e7125f7092e44fa58cc3ae
file-libs-5.11-36.el7.x86_64.rpm	SHA-256: 318bc2778cb662e5e843299965f437a741ac190c024b4b257abb1fa391785299
file-static-5.11-36.el7.i686.rpm	SHA-256: b17109becacc2c3735fe3bc40293a585d49b501250b5bf82987653d2b7e01d5b
file-static-5.11-36.el7.x86_64.rpm	SHA-256: 5379fcfb96f4aff248a9a076d8ce0519cfebcd9dd3ed66b2f6b92647ac9b673b
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux Workstation 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
x86_64
file-5.11-36.el7.x86_64.rpm	SHA-256: 9ff8db9950ad08ed4c186b911125b12a341e5cc7fd4a510002b6a13eb4b299d6
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-devel-5.11-36.el7.i686.rpm	SHA-256: a08292964e34d4738d9b0aa11e4373237365f8dcca582328ec2eacf0a357e41e
file-devel-5.11-36.el7.x86_64.rpm	SHA-256: 5f1015f745e88cb475bfe264a0f7ec29a307ad5f4bedc31bc275373e1be0b615
file-libs-5.11-36.el7.i686.rpm	SHA-256: f3847913c7011b8ffa2354bfb295f574c220b589a2e7125f7092e44fa58cc3ae
file-libs-5.11-36.el7.x86_64.rpm	SHA-256: 318bc2778cb662e5e843299965f437a741ac190c024b4b257abb1fa391785299
file-static-5.11-36.el7.i686.rpm	SHA-256: b17109becacc2c3735fe3bc40293a585d49b501250b5bf82987653d2b7e01d5b
file-static-5.11-36.el7.x86_64.rpm	SHA-256: 5379fcfb96f4aff248a9a076d8ce0519cfebcd9dd3ed66b2f6b92647ac9b673b
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux Desktop 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
x86_64
file-5.11-36.el7.x86_64.rpm	SHA-256: 9ff8db9950ad08ed4c186b911125b12a341e5cc7fd4a510002b6a13eb4b299d6
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-devel-5.11-36.el7.i686.rpm	SHA-256: a08292964e34d4738d9b0aa11e4373237365f8dcca582328ec2eacf0a357e41e
file-devel-5.11-36.el7.x86_64.rpm	SHA-256: 5f1015f745e88cb475bfe264a0f7ec29a307ad5f4bedc31bc275373e1be0b615
file-libs-5.11-36.el7.i686.rpm	SHA-256: f3847913c7011b8ffa2354bfb295f574c220b589a2e7125f7092e44fa58cc3ae
file-libs-5.11-36.el7.x86_64.rpm	SHA-256: 318bc2778cb662e5e843299965f437a741ac190c024b4b257abb1fa391785299
file-static-5.11-36.el7.i686.rpm	SHA-256: b17109becacc2c3735fe3bc40293a585d49b501250b5bf82987653d2b7e01d5b
file-static-5.11-36.el7.x86_64.rpm	SHA-256: 5379fcfb96f4aff248a9a076d8ce0519cfebcd9dd3ed66b2f6b92647ac9b673b
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
s390x
file-5.11-36.el7.s390x.rpm	SHA-256: e6e0eeb5549185b5575d7862ec9c422c088d8cf949c7b672dbb6004395432e05
file-debuginfo-5.11-36.el7.s390.rpm	SHA-256: dadba9dbd48cbe3bf233bf9b6c677c015be93a6eb34e6fa7065ec8ad802ac2e1
file-debuginfo-5.11-36.el7.s390.rpm	SHA-256: dadba9dbd48cbe3bf233bf9b6c677c015be93a6eb34e6fa7065ec8ad802ac2e1
file-debuginfo-5.11-36.el7.s390x.rpm	SHA-256: 792773f568870053d85a68d5736390254b10638fef94b962544ffe8c9e853858
file-debuginfo-5.11-36.el7.s390x.rpm	SHA-256: 792773f568870053d85a68d5736390254b10638fef94b962544ffe8c9e853858
file-devel-5.11-36.el7.s390.rpm	SHA-256: 487d7dcae63b6fb7ed5db4b0c112132a3d29bae359a480d1f7bcef2d28e25d97
file-devel-5.11-36.el7.s390x.rpm	SHA-256: 00fcfcec0ccc7fc0e7a90533e51343970d94147957f1448ebd402c80bdc8c0e9
file-libs-5.11-36.el7.s390.rpm	SHA-256: d12291456a7b70bdab217e75ba2f82665818ecbe7e27218a622903b4280d21ff
file-libs-5.11-36.el7.s390x.rpm	SHA-256: ae0e872a6fa10f243ccb443e6b874becb8bbc2dac33d6e503577d8e0dc9324f4
file-static-5.11-36.el7.s390.rpm	SHA-256: fd2e12e50b59cebd6416484424b41797c1b28cec8ba2fc5671db7d7e285bcef8
file-static-5.11-36.el7.s390x.rpm	SHA-256: 97e746da598117f568ce534bb03d554dc781f498471a539033d6e430a9c1582f
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux for Power, big endian 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
ppc64
file-5.11-36.el7.ppc64.rpm	SHA-256: 1d824b3af3a504a28ad864debfdd12ef9ad479a39850108de02b597e74c20f05
file-debuginfo-5.11-36.el7.ppc.rpm	SHA-256: b3f7927a7214e7aef6b3a2a45da68638bb557c3d04a46d620291f4521e4da65e
file-debuginfo-5.11-36.el7.ppc.rpm	SHA-256: b3f7927a7214e7aef6b3a2a45da68638bb557c3d04a46d620291f4521e4da65e
file-debuginfo-5.11-36.el7.ppc64.rpm	SHA-256: 9e4aecb837c4f76945265bbc7c0095fd97c9ead0453c10658cf195068f3f241a
file-debuginfo-5.11-36.el7.ppc64.rpm	SHA-256: 9e4aecb837c4f76945265bbc7c0095fd97c9ead0453c10658cf195068f3f241a
file-devel-5.11-36.el7.ppc.rpm	SHA-256: 585afde4483848a9fde24b58bf2e0ed7e11908e1f2adac502441d756d4e34777
file-devel-5.11-36.el7.ppc64.rpm	SHA-256: 9f0d3a1bdb3dec0b9f589d3646c3cb58f9039391ffda7f22eaa389c67388c54d
file-libs-5.11-36.el7.ppc.rpm	SHA-256: 2f102f629192d9f6bb1ff52c5e338439fbda35097eceddce60adac74c5029528
file-libs-5.11-36.el7.ppc64.rpm	SHA-256: c96aaf98754533bb31922c1244ee9bda9a751fd356891c035f35751ba794772f
file-static-5.11-36.el7.ppc.rpm	SHA-256: 3d906611b34ff0fb0405a79eef5bbee815621574a4203cfee8b1c0f8b35423e5
file-static-5.11-36.el7.ppc64.rpm	SHA-256: ddcf146e875229c062a26701111adce13d022523765fb67efe3a1bafd094923d
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
x86_64
file-5.11-36.el7.x86_64.rpm	SHA-256: 9ff8db9950ad08ed4c186b911125b12a341e5cc7fd4a510002b6a13eb4b299d6
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.i686.rpm	SHA-256: 6267fc79691584336bad5dcec7a335dfdee3368860fa4a96bf75ad71cc117a13
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-debuginfo-5.11-36.el7.x86_64.rpm	SHA-256: b77e07836d551146eac6cf8ae82998e9015681161ddd8d9eea6aaebdda52bc99
file-devel-5.11-36.el7.i686.rpm	SHA-256: a08292964e34d4738d9b0aa11e4373237365f8dcca582328ec2eacf0a357e41e
file-devel-5.11-36.el7.x86_64.rpm	SHA-256: 5f1015f745e88cb475bfe264a0f7ec29a307ad5f4bedc31bc275373e1be0b615
file-libs-5.11-36.el7.i686.rpm	SHA-256: f3847913c7011b8ffa2354bfb295f574c220b589a2e7125f7092e44fa58cc3ae
file-libs-5.11-36.el7.x86_64.rpm	SHA-256: 318bc2778cb662e5e843299965f437a741ac190c024b4b257abb1fa391785299
file-static-5.11-36.el7.i686.rpm	SHA-256: b17109becacc2c3735fe3bc40293a585d49b501250b5bf82987653d2b7e01d5b
file-static-5.11-36.el7.x86_64.rpm	SHA-256: 5379fcfb96f4aff248a9a076d8ce0519cfebcd9dd3ed66b2f6b92647ac9b673b
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

Red Hat Enterprise Linux for Power, little endian 7

SRPM
file-5.11-36.el7.src.rpm	SHA-256: a97fdd71d8128780a9a43670fb1d15452fbe5fb1f32cb964eab223934025601f
ppc64le
file-5.11-36.el7.ppc64le.rpm	SHA-256: 89b20a9c40572dd9b113fbb0bc71b779abb3c4db130d6936f8b1bda6e357b4da
file-debuginfo-5.11-36.el7.ppc64le.rpm	SHA-256: b959503db3abb1126f2b47164b23fb832532a4771c37acee6b463bee6f52cf81
file-debuginfo-5.11-36.el7.ppc64le.rpm	SHA-256: b959503db3abb1126f2b47164b23fb832532a4771c37acee6b463bee6f52cf81
file-devel-5.11-36.el7.ppc64le.rpm	SHA-256: 4b2f68b62532422a1b48624bd7441de00180b30610934a030d7f5d95d0052733
file-libs-5.11-36.el7.ppc64le.rpm	SHA-256: 2ea2af8ff0a028dfafea4dcb0a6c48b4969fa1279d60d081445fdb15413dde97
file-static-5.11-36.el7.ppc64le.rpm	SHA-256: cf0000535ac84096d80b82c8e1914e6ccbd91ee5a79e68e8bda572fefe6c7312
python-magic-5.11-36.el7.noarch.rpm	SHA-256: 05c3eba8dcc62f644d0b6e82bbaf98a600cf1d393cad392e1bdd07eff16a8a05

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories