Sicherheit: Denial of Service in elfutils
Aktuelle Meldungen Distributionen
Name: Denial of Service in elfutils
ID: FEDORA-2018-f91531043d
Distribution: Fedora
Plattformen: Fedora 28
Datum: Fr, 8. Juni 2018, 17:04
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8769
Applikationen: elfutils


Fedora Update Notification
2018-06-08 13:09:48.199521

Name : elfutils
Product : Fedora 28
Version : 0.171
Release : 1.fc28
URL : http://elfutils.org/
Summary : A collection of utilities and DSOs to handle ELF files and DWARF
Description :
Elfutils is a collection of utilities, including stack (to show
backtraces), nm (for listing symbols from object files), size
(for listing the section sizes of an object or archive file),
strip (for discarding symbols), readelf (to see the raw ELF file
structures), elflint (to check for well-formed ELF files) and
elfcompress (to compress or decompress ELF sections).

Update Information:

DWARF5 and split dwarf, including GNU DebugFission, support.

* Fri Jun 1 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.171-1
- New upstream release.
- DWARF5 and split dwarf, including GNU DebugFission, support.
- readelf: Handle all new DWARF5 sections.
--debug-dump=info+ will show split unit DIEs when found.
--dwarf-skeleton can be used when inspecting a .dwo file.
Recognizes GNU locviews with --debug-dump=loc.
- libdw: New functions dwarf_die_addr_die, dwarf_get_units,
dwarf_getabbrevattr_data and dwarf_cu_info.
libdw will now try to resolve the alt file on first use
when not set yet with dwarf_set_alt.
dwarf_aggregate_size() now works with multi-dimensional arrays.
- libdwfl: Use process_vm_readv when available instead of ptrace.
- backends: Add a RISC-V backend.

[ 1 ] Bug #1559243 - CVE-2018-8769 elfutils: buffer over-read in
ebldynamictagname.c:ebl_dynamic_tag_name() allows for denial of service [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-f91531043d' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EP43TAFBHQYHEVFEGFYOXUFAUCL3CQVB/
Pro-Linux @Twitter
Neue Nachrichten