Name : cross-binutils Product : Fedora 20 Version : 2.25 Release : 3.fc20 URL : http://sources.redhat.com/binutils Summary : A GNU collection of cross-compilation binary utilities Description : Binutils is a collection of binary utilities, including ar (for creating, modifying and extracting from archives), as (a family of GNU assemblers), gprof (for displaying call graph profile data), ld (the GNU linker), nm (for listing symbols from object files), objcopy (for copying and translating object files), objdump (for displaying information from object files), ranlib (for generating an index for the contents of an archive), readelf (for displaying detailed information about binary files), size (for listing the section sizes of an object or archive file), strings (for listing printable strings from files), strip (for discarding symbols), and addr2line (for converting addresses to file and line).
------------------------------------------------------------------------------- - Update Information:
Upgrade to binutils-2.25 thus fixing a number of security bugs ------------------------------------------------------------------------------- - ChangeLog:
* Wed Jan 7 2015 David Howells <dhowells@redhat.com> - 2.25-2 - Fix up the target for SH64 and cease mixing 32-bit SH targets with SH64. - SH64: Work around flags not getting set on incremental link of .a into .o [binutils bz 17288]. * Mon Jan 5 2015 David Howells <dhowells@redhat.com> - 2.25-1 - Sync with binutils-2.25 to pick up fixes. Resolves: BZ #1162577, #1162601, #1162611, #1162625 * Thu Nov 13 2014 David Howells <dhowells@redhat.com> - 2.24-7 - Fix problems with the ar program reported in FSF PR 17533. Resolves: BZ #1162672, #1162659 * Wed Nov 12 2014 David Howells <dhowells@redhat.com> - 2.24-6 - Sync with binutils to pick up fixes. - Backport binutils 2.4 upstream branch to pick up more fixes. * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.24-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Jul 18 2014 David Howells <dhowells@redhat.com> - 2.24-5 - Add NIOS2 arch support. * Mon Jun 16 2014 David Howells <dhowells@redhat.com> - 2.24-4 - Fix gcc-4.9 new compile error in m68k handler in gas. * Wed Jun 11 2014 David Howells <dhowells@redhat.com> - 2.24-4 - Sync with binutils-2.24-15 fixing the bfd_set_section_alignment() error [BZ 1106093] - Apply the changes on binutils-2_24-branch in git to cab6c3ee9785f072a373afe31253df0451db93cf. * Fri Mar 28 2014 David Howells <dhowells@redhat.com> - 2.24-2 - A sysroot of / is bad, so make it /usr/<program-prefix>/sys-root/. * Thu Mar 27 2014 David Howells <dhowells@redhat.com> - 2.24-1 - Fix formatless sprintfs in Score. * Wed Mar 26 2014 David Howells <dhowells@redhat.com> - 2.24-1 - Update to binutils-2.24-1. - Add metag arch support. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1162577 - CVE-2014-8501 cross-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162577 [ 2 ] Bug #1162601 - CVE-2014-8502 cross-binutils: binutils: heap overflow in objdump [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162601 [ 3 ] Bug #1162611 - CVE-2014-8503 cross-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162611 [ 4 ] Bug #1162625 - CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162625 [ 5 ] Bug #1162659 - cross-binutils: binutils: directory traversal vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162659 [ 6 ] Bug #1162672 - cross-binutils: binutils: out of bounds memory write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162672 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update cross-binutils' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|