drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zahlenüberlauf in elfutils
Name: |
Zahlenüberlauf in elfutils |
|
ID: |
RHSA-2006:0354-01 |
|
Distribution: |
Red Hat |
|
Plattformen: |
Red Hat Enterprise Linux |
|
Datum: |
Do, 10. August 2006, 23:39 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 |
|
Applikationen: |
elfutils |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- --------------------------------------------------------------------- Red Hat Security Advisory
Synopsis: Low: elfutils security update Advisory ID: RHSA-2006:0354-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0354.html Issue date: 2006-08-10 Updated on: 2006-08-10 Product: Red Hat Enterprise Linux CVE Names: CVE-2005-1704 - ---------------------------------------------------------------------
1. Summary:
Updated elfutils packages that address a minor security issue and various other issues are now available.
This update has been rated as having low security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code.
The elfutils packages that originally shipped with Red Hat Enterprise Linux 4 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils.
In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704)
Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version.
Users of elfutils should upgrade to these updated packages, which resolve these issues.
4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:
https://rhn.redhat.com/help/latest-up2date.pxt
5. Bug IDs fixed (http://bugzilla.redhat.com/):
156342 - eu-strip mangles separate debuginfo with relocation sections 159888 - CVE-2005-1704 Integer overflow in libelf 186992 - Elfutils license upgrade
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/elfutils-0.97.1-3.src.rpm be92076aa98203d3d1a31764e8c55fe8 elfutils-0.97.1-3.src.rpm
i386: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 597fab4861e21558ee5241391d94c29e elfutils-devel-0.97.1-3.i386.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 8d395168cffc2d3d9666b6741208115a elfutils-libelf-devel-0.97.1-3.i386.rpm
ia64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 00ba981a8897e990149319d38b202198 elfutils-debuginfo-0.97.1-3.ia64.rpm 5ab55fb1b7b1fdc890beee2246ae000e elfutils-devel-0.97.1-3.ia64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 3452f9dc057e0b921cef882189118c61 elfutils-libelf-0.97.1-3.ia64.rpm dfb803971bd78e169c3f22cb903daae9 elfutils-libelf-devel-0.97.1-3.ia64.rpm
ppc: 2680998fa90eb10b82018054d7523d95 elfutils-0.97.1-3.ppc.rpm 5bd8535f6dbba9548a9263349d3f78e3 elfutils-0.97.1-3.ppc64.rpm 8bf644dd1a625367539033ee3d42a576 elfutils-debuginfo-0.97.1-3.ppc.rpm d00483b7efb0503e15d4ad239b76301c elfutils-debuginfo-0.97.1-3.ppc64.rpm c068b099c58942fc09b56a4bf63a4836 elfutils-devel-0.97.1-3.ppc.rpm 37c1b4884a178dcc69e58ecdbd4857ee elfutils-libelf-0.97.1-3.ppc.rpm 91aaa5da12acc4ea47504c8e6760ee54 elfutils-libelf-0.97.1-3.ppc64.rpm 06a68c04286bf1a1167ffcaf9fe83585 elfutils-libelf-devel-0.97.1-3.ppc.rpm
s390: 77b2c7b6229c5a3f92856dbe75cbfab8 elfutils-0.97.1-3.s390.rpm 5d68e76fbe83443f5b187302ad47d787 elfutils-debuginfo-0.97.1-3.s390.rpm 86683249da3f5f1108ab2d1136fd3452 elfutils-devel-0.97.1-3.s390.rpm d6e3f9ca8ce95cb5328cfff6bd2d5f45 elfutils-libelf-0.97.1-3.s390.rpm 0b24693676bf6e948de7172369aba13e elfutils-libelf-devel-0.97.1-3.s390.rpm
s390x: 77b2c7b6229c5a3f92856dbe75cbfab8 elfutils-0.97.1-3.s390.rpm 6c65023b352b3e1c05667fe3e849e893 elfutils-0.97.1-3.s390x.rpm 5d68e76fbe83443f5b187302ad47d787 elfutils-debuginfo-0.97.1-3.s390.rpm 755c49447187e1a02106d954d8d25ae7 elfutils-debuginfo-0.97.1-3.s390x.rpm 2c3b1fb515c57f00417176242843bce6 elfutils-devel-0.97.1-3.s390x.rpm d6e3f9ca8ce95cb5328cfff6bd2d5f45 elfutils-libelf-0.97.1-3.s390.rpm cb42d361bfa5374f64623ed8a1d2c70c elfutils-libelf-0.97.1-3.s390x.rpm 404801004e0dc22196bdb80acfa37bc1 elfutils-libelf-devel-0.97.1-3.s390x.rpm
x86_64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 921094a1e8f8febbacc1b24ce733fa61 elfutils-0.97.1-3.x86_64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm fd0737cf83da138e82db51ffc8fb3ffb elfutils-debuginfo-0.97.1-3.x86_64.rpm 3f54f71891a4f96530f93c815e8169f7 elfutils-devel-0.97.1-3.x86_64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm fd37a6cb30a57eb5a5e483cfec7506ba elfutils-libelf-0.97.1-3.x86_64.rpm 571be987e0f3726db8309bdc99d00941 elfutils-libelf-devel-0.97.1-3.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS: elfutils-0.97.1-3.src.rpm be92076aa98203d3d1a31764e8c55fe8 elfutils-0.97.1-3.src.rpm
i386: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 597fab4861e21558ee5241391d94c29e elfutils-devel-0.97.1-3.i386.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 8d395168cffc2d3d9666b6741208115a elfutils-libelf-devel-0.97.1-3.i386.rpm
x86_64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 921094a1e8f8febbacc1b24ce733fa61 elfutils-0.97.1-3.x86_64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm fd0737cf83da138e82db51ffc8fb3ffb elfutils-debuginfo-0.97.1-3.x86_64.rpm 3f54f71891a4f96530f93c815e8169f7 elfutils-devel-0.97.1-3.x86_64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm fd37a6cb30a57eb5a5e483cfec7506ba elfutils-libelf-0.97.1-3.x86_64.rpm 571be987e0f3726db8309bdc99d00941 elfutils-libelf-devel-0.97.1-3.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/elfutils-0.97.1-3.src.rpm be92076aa98203d3d1a31764e8c55fe8 elfutils-0.97.1-3.src.rpm
i386: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 597fab4861e21558ee5241391d94c29e elfutils-devel-0.97.1-3.i386.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 8d395168cffc2d3d9666b6741208115a elfutils-libelf-devel-0.97.1-3.i386.rpm
ia64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 00ba981a8897e990149319d38b202198 elfutils-debuginfo-0.97.1-3.ia64.rpm 5ab55fb1b7b1fdc890beee2246ae000e elfutils-devel-0.97.1-3.ia64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 3452f9dc057e0b921cef882189118c61 elfutils-libelf-0.97.1-3.ia64.rpm dfb803971bd78e169c3f22cb903daae9 elfutils-libelf-devel-0.97.1-3.ia64.rpm
x86_64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 921094a1e8f8febbacc1b24ce733fa61 elfutils-0.97.1-3.x86_64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm fd0737cf83da138e82db51ffc8fb3ffb elfutils-debuginfo-0.97.1-3.x86_64.rpm 3f54f71891a4f96530f93c815e8169f7 elfutils-devel-0.97.1-3.x86_64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm fd37a6cb30a57eb5a5e483cfec7506ba elfutils-libelf-0.97.1-3.x86_64.rpm 571be987e0f3726db8309bdc99d00941 elfutils-libelf-devel-0.97.1-3.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/elfutils-0.97.1-3.src.rpm be92076aa98203d3d1a31764e8c55fe8 elfutils-0.97.1-3.src.rpm
i386: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 597fab4861e21558ee5241391d94c29e elfutils-devel-0.97.1-3.i386.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 8d395168cffc2d3d9666b6741208115a elfutils-libelf-devel-0.97.1-3.i386.rpm
ia64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 75c6bb5c1105e5182e9bb5f60039a875 elfutils-0.97.1-3.ia64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm 00ba981a8897e990149319d38b202198 elfutils-debuginfo-0.97.1-3.ia64.rpm 5ab55fb1b7b1fdc890beee2246ae000e elfutils-devel-0.97.1-3.ia64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm 3452f9dc057e0b921cef882189118c61 elfutils-libelf-0.97.1-3.ia64.rpm dfb803971bd78e169c3f22cb903daae9 elfutils-libelf-devel-0.97.1-3.ia64.rpm
x86_64: 156158f3b94caa1b50a50bf879c17eb7 elfutils-0.97.1-3.i386.rpm 921094a1e8f8febbacc1b24ce733fa61 elfutils-0.97.1-3.x86_64.rpm a4e9411f61be01871bbeb43cf9e48b23 elfutils-debuginfo-0.97.1-3.i386.rpm fd0737cf83da138e82db51ffc8fb3ffb elfutils-debuginfo-0.97.1-3.x86_64.rpm 3f54f71891a4f96530f93c815e8169f7 elfutils-devel-0.97.1-3.x86_64.rpm 68118aabeacdefcb65fb5134908e2ed0 elfutils-libelf-0.97.1-3.i386.rpm fd37a6cb30a57eb5a5e483cfec7506ba elfutils-libelf-0.97.1-3.x86_64.rpm 571be987e0f3726db8309bdc99d00941 elfutils-libelf-devel-0.97.1-3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 http://www.redhat.com/security/updates/classification/#low
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFE26ZOXlSAg2UNWIIRAkunAKCiv1pjEmH6L22MpTsPjFN3kVPVdgCgsmJq dSH4qtgVHIfE9ERGiiYuvbg= =8J5R -----END PGP SIGNATURE-----
-- Enterprise-watch-list mailing list Enterprise-watch-list@redhat.com https://www.redhat.com/mailman/listinfo/enterprise-watch-list
|
|
|
|