Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Überschreiben von Dateien in elfutils
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in elfutils
ID: FEDORA-2015-0692
Distribution: Fedora
Plattformen: Fedora 21
Datum: Mo, 19. Januar 2015, 08:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447

Originalnachricht

Name        : elfutils
Product : Fedora 21
Version : 0.161
Release : 2.fc21
URL : https://fedorahosted.org/elfutils/
Summary : A collection of utilities and DSOs to handle compiled objects
Description :
Elfutils is a collection of utilities, including stack (to show
backtraces), nm (for listing symbols from object files), size
(for listing the section sizes of an object or archive file),
strip (for discarding symbols), readelf (to see the raw ELF file
structures), and elflint (to check for well-formed ELF files).

-------------------------------------------------------------------------------
-
Update Information:

Update to elfutils 0.161. Security fix for CVE-2014-9447.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Jan 13 2015 Mark Wielaard <mjw@redhat.com> - 0.161-2
- Add elfutils-0.161-ar-long-name.patch (#1181525 CVE-2014-9447)
* Fri Dec 19 2014 Mark Wielaard <mjw@redhat.com> - 0.161-1
- Update to 0.161.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1178888 - CVE-2014-9447 elfutils: directory traversal in
read_long_names()
https://bugzilla.redhat.com/show_bug.cgi?id=1178888
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update elfutils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung