diff --git a/file-5.20-CVE-2014-3710.patch b/file-5.20-CVE-2014-3710.patch deleted file mode 100644 index 0fcf703..0000000 --- a/file-5.20-CVE-2014-3710.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 39c7ac1106be844a5296d3eb5971946cc09ffda0 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Fri, 17 Oct 2014 15:49:00 +0000 -Subject: [PATCH] Fix note bounds reading, Francisco Alonso / Red Hat - ---- - ChangeLog | 4 ++++ - src/readelf.c | 9 ++++++++- - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/src/readelf.c b/src/readelf.c -index 08f81f5..9ebdebd 100644 ---- a/src/readelf.c -+++ b/src/readelf.c -@@ -477,6 +477,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size, - uint32_t namesz, descsz; - unsigned char *nbuf = CAST(unsigned char *, vbuf); - -+ if (xnh_sizeof + offset > size) { -+ /* -+ * We're out of note headers. -+ */ -+ return xnh_sizeof + offset; -+ } -+ - (void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof); - offset += xnh_sizeof; - diff --git a/file-5.22-jpeg.patch b/file-5.22-jpeg.patch deleted file mode 100644 index fd9e8bf..0000000 --- a/file-5.22-jpeg.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 9f0601f3c03ffc561a2638c35eaf24308c7b3a72 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Fri, 2 Jan 2015 22:40:27 +0000 -Subject: [PATCH] Explain recursion better and avoid double recursion in the - masked entries - ---- - magic/Magdir/jpeg | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/magic/Magdir/jpeg b/magic/Magdir/jpeg -index f32f58a..588073f 100644 ---- a/magic/Magdir/jpeg -+++ b/magic/Magdir/jpeg -@@ -41,7 +41,8 @@ - # This uses recursion... - 0 name jpeg_segment - >0 beshort 0xFFFE -->>(2.S+2) use jpeg_segment -+# Recursion handled by FFE0 -+#>>(2.S+2) use jpeg_segment - >>2 pstring/HJ x \b, comment: "%s" - - >0 beshort 0xFFC0 -@@ -70,6 +71,7 @@ - >>(2.S+2) use jpeg_segment - - >0 beshort 0xFFE1 -+# Recursion handled by FFE0 - #>>(2.S+2) use jpeg_segment - >>4 string Exif \b, Exif Standard: [ - >>>10 indirect/r x -@@ -85,7 +87,8 @@ - # D9: End of image - # Dn: Restart - >0 beshort&0xFFD0 =0xFFD0 -->>(2.S+2) use jpeg_segment -+>>0 beshort&0xFFE0 !0xFFE0 -+>>>(2.S+2) use jpeg_segment - - #>0 beshort x unknown 0x%x - #>>(2.S+2) use jpeg_segment diff --git a/file-5.22-zlib.patch b/file-5.22-zlib.patch deleted file mode 100644 index 3a77879..0000000 --- a/file-5.22-zlib.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/magic/Magdir/compress b/magic/Magdir/compress -index beb8ebe..ae1c90f 100644 ---- a/magic/Magdir/compress -+++ b/magic/Magdir/compress -@@ -257,7 +257,7 @@ - !:mime application/x-qpress - - # Zlib https://www.ietf.org/rfc/rfc6713.txt --0 beshort%31 =0 -->0 byte&0xf =8 -->>0 byte&0x80 =0 zlib compressed data --!:mime application/zlib -+#0 beshort%31 =0 -+#>0 byte&0xf =8 -+#>>0 byte&0x80 =0 zlib compressed data -+#!:mime application/zlib diff --git a/file.spec b/file.spec index 0868b15..f24e795 100644 --- a/file.spec +++ b/file.spec @@ -3,7 +3,7 @@ Summary: A utility for determining file types Name: file -Version: 5.24 +Version: 5.25 Release: 1%{?dist} License: BSD Group: Applications/File @@ -20,7 +20,6 @@ Patch7: file-5.14-x86boot.patch Patch8: file-5.14-perl.patch Patch14: file-5.19-cafebabe.patch Patch15: file-5.22-awk-perl.patch -Patch16: file-5.22-zlib.patch Patch17: file-5.24-varied.patch URL: http://www.darwinsys.com/file/ Requires: file-libs = %{version}-%{release} @@ -92,7 +91,6 @@ file(1) command. %patch8 -p1 %patch14 -p1 %patch15 -p1 -%patch16 -p1 %patch17 -p1 # Patches can generate *.orig files, which can't stay in the magic dir, @@ -202,6 +200,9 @@ cd %{py3dir} %endif %changelog +* Fri Sep 18 2015 Jan Kaluza - 5.25-1 +- update to new version 5.25 + * Thu Jul 16 2015 Jan Kaluza - 5.24-1 - update to new version 5.24