Sicherheit: Mehrere Probleme in elfutils

Lesezeichen hinzufügen

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-5e4fb05a0a
2017-05-12 04:05:28.497791
-------------------------------------------------------------------------------
-

Name : elfutils
Product : Fedora 25
Version : 0.169
Release : 1.fc25
URL : http://elfutils.org/
Summary : A collection of utilities and DSOs to handle ELF files and DWARF
data
Description :
Elfutils is a collection of utilities, including stack (to show
backtraces), nm (for listing symbols from object files), size
(for listing the section sizes of an object or archive file),
strip (for discarding symbols), readelf (to see the raw ELF file
structures), elflint (to check for well-formed ELF files) and
elfcompress (to compress or decompress ELF sections).

-------------------------------------------------------------------------------
-
Update Information:

New upstream release. Various bug fixes.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1441613 - CVE-2017-7607 elfutils: Heap-buffer overflow in the
handle_gnu_hash function
https://bugzilla.redhat.com/show_bug.cgi?id=1441613
[ 2 ] Bug #1441624 - CVE-2017-7608 elfutils: Heap-buffer overflow in the
ebl_object_note_type_name function
https://bugzilla.redhat.com/show_bug.cgi?id=1441624
[ 3 ] Bug #1441625 - CVE-2017-7609 elfutils: Memory allocation failure in
elf_compress.c
https://bugzilla.redhat.com/show_bug.cgi?id=1441625
[ 4 ] Bug #1441626 - CVE-2017-7610 elfutils: Heap-buffer overflow in the
check_group function
https://bugzilla.redhat.com/show_bug.cgi?id=1441626
[ 5 ] Bug #1441627 - CVE-2017-7611 elfutils: Heap-buffer overflow in the
check_symtab_shndx function
https://bugzilla.redhat.com/show_bug.cgi?id=1441627
[ 6 ] Bug #1441628 - CVE-2017-7612 elfutils: Heap-buffer overflow in the
check_sysv_hash function
https://bugzilla.redhat.com/show_bug.cgi?id=1441628
[ 7 ] Bug #1441629 - CVE-2017-7613 elfutils: elflint.c does not validate the
number of sections and segments
https://bugzilla.redhat.com/show_bug.cgi?id=1441629
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade elfutils' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org