Login-Name Passwort


Sicherheit: Zwei Probleme in binutils
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in binutils
ID: FEDORA-2015-0750
Distribution: Fedora
Plattformen: Fedora 21
Datum: Do, 22. Januar 2015, 07:35
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8737
Applikationen: binutils


Name        : binutils
Product : Fedora 21
Version : 2.24
Release : 30.fc21
URL : http://sources.redhat.com/binutils
Summary : A GNU collection of binary utilities
Description :
Binutils is a collection of binary utilities, including ar (for
creating, modifying and extracting from archives), as (a family of GNU
assemblers), gprof (for displaying call graph profile data), ld (the
GNU linker), nm (for listing symbols from object files), objcopy (for
copying and translating object files), objdump (for displaying
information from object files), ranlib (for generating an index for
the contents of an archive), readelf (for displaying detailed
information about binary files), size (for listing the section sizes
of an object or archive file), strings (for listing printable strings
from files), strip (for discarding symbols), and addr2line (for
converting addresses to file and line).

Update Information:

Fix problems with the ar program reported in FSF PR 17533

* Thu Nov 13 2014 Nick Clifton <nickc@redhat.com> - 2.24-30
- Fix problems with the ar program reported in FSF PR 17533.
Resolves: BZ #1162666, #1162655
* Thu Nov 6 2014 Nick Clifton <nickc@redhat.com> - 2.24-29
- Fix seg-fault when adding symbols via a plugin.
Resovles: BZ #1149660
* Fri Oct 31 2014 Nick Clifton <nickc@redhat.com> - 2.24-28
- Remove bogus part of addr2line-dynsymtab.patch.
Resovles: BZ #1157706
* Fri Oct 31 2014 Nick Clifton <nickc@redhat.com> - 2.24-27
- Fix buffer overrun in ihex parser.
- Fix memory corruption in previous patch.
- Consoldiate corrupt handling patches into just one patch.
- Default strings command to using -a.
* Wed Oct 29 2014 Nick Clifton <nickc@redhat.com> - 2.24-26
- Fix memory corruption bug introduced by the previous patch.
* Tue Oct 28 2014 Nick Clifton <nickc@redhat.com> - 2.24-25
- Import patches for PR/17510 and PR/17512 to fix reading corrupt ELF binaries.
Resolves: BZ #1157276, #1157277
* Mon Oct 27 2014 Nick Clifton <nickc@redhat.com> - 2.24-24
- Import patch from mainline to fix seg-fault when reading corrupt group
Resolves: BZ #1157276, #11527277
* Fri Oct 24 2014 Nick Clifton <nickc@redhat.com> - 2.24-23
- Import patch from mainline to fix seg-fault when reading corrupt srec fields.
Resolves: BZ #1156272

[ 1 ] Bug #1162666 - CVE-2014-8738 binutils: out of bounds memory write
[ 2 ] Bug #1162655 - CVE-2014-8737 binutils: directory traversal

This update can be installed with the "yum" update program. Use
su -c 'yum update binutils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Unterstützer werden
Neue Nachrichten