Package : file
Vulnerability : integer overflow
Problem type : local (remote)
CVE Id : CVE-2007-2799
The Debian 4.0r1 release contains a file package with the same version
number as the last security update (4.17-5etch2), potentially overriding
it. This security advisory reissues DSA-1343-1 with a higher version
number, to ensure that its changes remain in effect. The changes from
Debian 4.0r1 (which fix a minor denial of service issue, CVE-2007-2026)
are included as well.
For the stable distribution (etch), this problem has been fixed in
For the unstable distribution (sid), the security vulnerability has been
fixed in version 4.21-1.
The old stable distribution (sarge) is not affected by the security
We recommend that you upgrade your file (4.17-5etch3) package.
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
will update the internal database
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch