summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog275
1 files changed, 272 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 9f6aab7..98cdcc4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,272 @@
+2015-01-02 15:15 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.22
+
+2015-01-01 12:01 Christos Zoulas <christos@zoulas.com>
+
+ * add indirect relative for TIFF/Exif
+
+2014-12-16 18:10 Christos Zoulas <christos@zoulas.com>
+
+ * restructure elf note printing to avoid repeated messages
+ * add note limit, suggested by Alexander Cherepanov
+
+2014-12-16 16:53 Christos Zoulas <christos@zoulas.com>
+
+ * Bail out on partial pread()'s (Alexander Cherepanov)
+ * Fix incorrect bounds check in file_printable (Alexander Cherepanov)
+
+2014-12-11 20:01 Christos Zoulas <christos@zoulas.com>
+
+ * PR/405: ignore SIGPIPE from uncompress programs
+ * change printable -> file_printable and use it in
+ more places for safety
+ * in ELF, instead of "(uses dynamic libraries)" when PT_INTERP
+ is present print the interpreter name.
+
+2014-12-10 20:01 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.21
+
+2014-11-27 18:40 Christos Zoulas <christos@zoulas.com>
+
+ * Allow setting more parameters from the command line.
+ * Split name/use and indirect magic recursion limits.
+
+2014-11-27 11:12 Christos Zoulas <christos@zoulas.com>
+
+ * Adjust ELF parameters and the default recursion
+ level.
+ * Allow setting the recursion level dynamically.
+
+2014-11-24 8:55 Christos Zoulas <christos@zoulas.com>
+
+ * The following fixes resulted from Thomas Jarosch's fuzzing
+ tests that revealed severe performance issues on pathological
+ input:
+ - limit number of elf program and sections processing
+ - abort elf note processing quickly
+ - reduce the number of recursion levels from 20 to 10
+ - preserve error messages in indirect magic handling
+
+ This is tracked as CVE-2014-8116 and CVE-2014-8117
+
+2014-11-12 10:30 Christos Zoulas <christos@zoulas.com>
+
+ * fix bogus free in the user buffer case.
+
+2014-11-11 12:35 Christos Zoulas <christos@zoulas.com>
+
+ * fix out of bounds read for pascal strings
+ * fix memory leak (not freeing the head of each mlist)
+
+2014-11-07 10:25 Christos Zoulas <christos@zoulas.com>
+
+ * When printing strings from a file, convert them to printable
+ on a byte by byte basis, so that we don't get issues with
+ locale's trying to interpret random byte streams as UTF-8 and
+ having printf error out with EILSEQ.
+
+2014-10-17 11:48 Christos Zoulas <christos@zoulas.com>
+
+ * fix bounds in note reading (Francisco Alonso / Red Hat)
+
+2014-10-11 15:02 Christos Zoulas <christos@zoulas.com>
+
+ * fix autoconf glue for setlocale and locale_t; some OS's
+ have locale_t in xlocale.h
+
+2014-10-10 15:01 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.20
+
+2014-08-17 10:01 Christos Zoulas <christos@zoulas.com>
+
+ * recognize encrypted CDF documents
+
+2014-08-04 9:18 Christos Zoulas <christos@zoulas.com>
+
+ * add magic_load_buffers from Brooks Davis
+
+2014-07-24 16:40 Christos Zoulas <christos@zoulas.com>
+
+ * add thumbs.db support
+
+2014-06-12 12:28 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.19
+
+2014-06-09 9:04 Christos Zoulas <christos@zoulas.com>
+
+ * Misc buffer overruns and missing buffer size tests in cdf parsing
+ (Francisco Alonso, Jan Kaluza)
+
+2014-06-02 14:50 Christos Zoulas <christos@zoulas.com>
+
+ * Enforce limit of 8K on regex searches that have no limits
+ * Allow the l modifier for regex to mean line count. Default
+ to byte count. If line count is specified, assume a max
+ of 80 characters per line to limit the byte count.
+ * Don't allow conversions to be used for dates, allowing
+ the mask field to be used as an offset.
+
+2014-05-30 12:51 Christos Zoulas <christos@zoulas.com>
+
+ * Make the range operator limit the length of the
+ regex search.
+
+2014-05-14 19:23 Christos Zoulas <christos@zoulas.com>
+
+ * PR/347: Windows fixes
+ * PR/352: Hangul word processor recognition
+ * PR/354: Encoding irregularities in text files
+
+2014-05-06 6:12 Christos Zoulas <christos@zoulas.com>
+
+ * Fix uninitialized title in CDF files (Jan Kaluza)
+
+2014-05-04 14:55 Christos Zoulas <christos@zoulas.com>
+
+ * PR/351: Fix compilation of empty files
+
+2014-04-30 17:39 Christos Zoulas <christos@zoulas.com>
+
+ * Fix integer formats: We don't specify 'l' or
+ 'h' and 'hh' specifiers anymore, only 'll' for
+ quads and nothing for the rest. This is so that
+ magic writing is simpler.
+
+2014-04-01 15:25 Christos Zoulas <christos@zoulas.com>
+
+ * PR/341: Jan Kaluza, fix memory leak
+ * PR/342: Jan Kaluza, fix out of bounds read
+
+2014-03-28 15:25 Christos Zoulas <christos@zoulas.com>
+
+ * Fix issue with long formats not matching fmtcheck
+
+2014-03-26 11:25 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.18
+
+2014-03-15 17:45 Christos Zoulas <christos@zoulas.com>
+
+ * add fmtcheck(3) for those who don't have it
+
+2014-03-14 15:12 Christos Zoulas <christos@zoulas.com>
+
+ * prevent mime entries from being attached to magic
+ entries with no descriptions
+
+ * adjust magic strength for regex type
+
+ * remove superfluous ascmagic with encoding test
+
+2014-03-06 12:01 Christos Zoulas <christos@zoulas.com>
+
+ * fix regression fix echo -ne "\012\013\014" | file -i -
+ which printed "binary" instead of "application/octet-stream"
+
+ * add size_t overflow check for magic file size
+
+2014-02-27 16:01 Christos Zoulas <christos@zoulas.com>
+
+ * experimental support for matching with CFD CLSID
+
+2014-02-18 13:04 Kimmo Suominen (kimmo@suominen.com)
+
+ * Cache old LC_CTYPE locale before setting it to "C", so
+ we can use it to restore LC_CTYPE instead of asking
+ setlocale() to scan the environment variables.
+
+2014-02-12 18:21 Christos Zoulas <christos@zoulas.com>
+
+ * Count recursion levels through indirect magic
+
+2014-02-11 10:40 Christos Zoulas <christos@zoulas.com>
+
+ * Prevent infinite recursion on files with indirect offsets of 0
+
+2014-01-30 21:00 Christos Zoulas <christos@zoulas.com>
+
+ * Add -E flag that makes file print filesystem errors to stderr
+ and exit.
+
+2014-01-08 17:20 Christos Zoulas <christos@zoulas.com>
+
+ * mime printing could print results from multiple magic entries
+ if there were multiple matches.
+ * in some cases overflow was not detected when computing offsets
+ in softmagic.
+
+2013-12-05 12:00 Christos Zoulas <christos@zoulas.com>
+
+ * use strcasestr() to for cdf strings
+ * reset to the "C" locale while doing regex operations, or case
+ insensitive comparisons; this is provisional
+
+2013-11-19 20:10 Christos Zoulas <christos@zoulas.com>
+
+ * always leave magic file loaded, don't unload for magic_check, etc.
+ * fix default encoding to binary instead of unknown which broke recently
+ * handle empty and one byte files, less specially so that
+ --mime-encoding does not break completely.
+ `
+2013-11-06 14:40 Christos Zoulas <christos@zoulas.com>
+
+ * fix erroneous non-zero exit code from non-existant file and message
+
+2013-10-29 14:25 Christos Zoulas <christos@zoulas.com>
+
+ * add CDF MSI file detection (Guy Helmer)
+
+2013-09-03 11:56 Christos Zoulas <christos@zoulas.com>
+
+ * Don't mix errors and regular output if there was an error
+ * in magic_descriptor() don't close the file and try to restore
+ its position
+
+2013-05-30 17:25 Christos Zoulas <christos@zoulas.com>
+
+ * Don't treat magic as an error if offset was past EOF (Christoph Biedl)
+
+2013-05-28 17:25 Christos Zoulas <christos@zoulas.com>
+
+ * Fix spacing issues in softmagic and elf (Jan Kaluza)
+
+2013-05-02 18:00 Christos Zoulas <christos@zoulas.com>
+
+ * Fix segmentation fault with multiple magic_load commands.
+
+2013-04-22 11:20 Christos Zoulas <christos@zoulas.com>
+
+ * The way "default" was implemented was not very useful
+ because the "if something was printed at that level"
+ was not easily controlled by the user, and the format
+ was bound to a string which is too restrictive. Add
+ a "clear" for that level keyword and make "default"
+ void. This way one can do:
+
+ >>13 clear x
+ >>13 lelong 1 foo
+ >>13 lelong 2 bar
+ >>13 default x
+ >>>13 lelong x unknown %x
+
+2013-03-25 13:20 Christos Zoulas <christos@zoulas.com>
+
+ * disallow strength setting in "name" entries
+
+2013-03-06 21:24 Christos Zoulas <christos@zoulas.com>
+
+ * fix recursive magic separator printing
+
+2013-02-26 19:28 Christos Zoulas <christos@zoulas.com>
+
+ * limit recursion level for mget
+ * fix pread() related breakage in cdf
+ * handle offsets properly in recursive "use"
+
2013-02-18 10:39 Christos Zoulas <christos@zoulas.com>
* add elf reading of debug info to determine if file is stripped
@@ -918,7 +1187,7 @@
* Identify gnu tar vs. posix tar
- * When keep going, don't print spurious newlines (Radek Vokál)
+ * When keep going, don't print spurious newlines (Radek Vokal)
2006-04-01 12:02 Christos Zoulas <christos@astron.com>
@@ -942,7 +1211,7 @@
2005-10-31 8:54 Christos Zoulas <christos@astron.com>
* Fix regression where the core info was not completely processed
- (Radek Vokál)
+ (Radek Vokal)
2005-10-20 11:15 Christos Zoulas <christos@astron.com>
@@ -959,7 +1228,7 @@
2005-09-20 13:33 Christos Zoulas <christos@astron.com>
* Don't print SVR4 Style in core files multiple times
- (Radek Vokál)
+ (Radek Vokal)
2005-08-27 04:09 Christos Zoulas <christos@astron.com>
View Lorry Controller Status