A buffer overflow was found in file, a file type classification tool,
which may result in denial of service or potentially the execution of
arbitrary code if a malformed CDF (Composite Document File) file is
For the oldstable distribution (stretch), this problem has been fixed
in version 1:5.30-1+deb9u3.
For the stable distribution (buster), this problem has been fixed in