drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in GDB
Name: |
Ausführen beliebiger Kommandos in GDB |
|
ID: |
FEDORA-2012-6614 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 16 |
|
Datum: |
Fr, 17. August 2012, 08:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4355 |
|
Applikationen: |
GDB |
|
Originalnachricht |
Name : gdb Product : Fedora 16 Version : 7.3.50.20110722 Release : 16.fc16 URL : http://gnu.org/software/gdb/ Summary : A GNU source-level debugger for C, C++, Java and other languages Description : GDB, the GNU debugger, allows you to debug programs written in C, C++, Java, and other languages, by executing them in a controlled fashion and printing their data.
------------------------------------------------------------------------------- - Update Information:
Update "set auto-load" patchset and the --with-auto-load-safe-path setting.
Security fix for loading untrusted inferiors, see "set auto-load".
Security fix for loading untrusted inferiors, see "set auto-load".
Workaround crashes from stale frame_info pointer (BZ 804256).
Security fix for loading untrusted inferiors, see "set auto-load" (BZ 756117).
------------------------------------------------------------------------------- - ChangeLog:
* Tue Apr 24 2012 Jan Kratochvil <jan.kratochvil@redhat.com> - 7.3.50.20110722-16.fc16 - Update "set auto-load" patchset and the --with-auto-load-safe-path setting. * Thu Apr 19 2012 Jan Kratochvil <jan.kratochvil@redhat.com> - 7.3.50.20110722-15.fc16 - Security fix for loading untrusted inferiors, see "set auto-load" (BZ 756117). * Wed Apr 4 2012 Jan Kratochvil <jan.kratochvil@redhat.com> - 7.3.50.20110722-14.fc16 - Workaround crashes from stale frame_info pointer (BZ 804256). * Sat Mar 17 2012 Jan Kratochvil <jan.kratochvil@redhat.com> - 7.3.50.20110722-13.fc16 - Fix loading of core files without build-ids but with build-ids in executables. * Thu Mar 1 2012 Sergio Durigan Junior <sergiodj@redhat.com> - 7.3.50.20110722-12.fc16 - Fix `corrupt probe' complaint when reading SystemTap probes. * Tue Nov 29 2011 Jan Kratochvil <jan.kratochvil@redhat.com> - 7.3.50.20110722-11.fc16 - No longer build bundled libstdc++ pretty printers on RHELs >= 7. * Sat Nov 5 2011 Sergio Durigan Junior <sergiodj@redhat.com> - 7.3.50.20110722-10.fc16 - Backport fix for crash in cp_scan_for_anonymous_namespace (Aleksandar Ristovski, BZ 750341). ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #756117 - CVE-2011-4355 gdb: arbitrary code execution via .debug_gdb_scripts [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=756117 [ 2 ] Bug #804256 - gdb: until command segfaults in amd64_sigtramp_frame_sniffer https://bugzilla.redhat.com/show_bug.cgi?id=804256 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update gdb' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|