Mehrere Probleme in avr-binutils
ID: | FEDORA-2014-14963 |
Distribution: | Fedora |
Plattformen: | Fedora 20 |
Datum: | Sa, 6. Dezember 2014, 08:13 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8501 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8502 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8503 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8504 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8738 |
Applikationen: | binutils |
Originalnachricht |
|
Name : avr-binutils Product : Fedora 20 Version : 2.24 Release : 3.fc20 URL : http://www.gnu.org/software/binutils/ Summary : Cross Compiling GNU binutils targeted at avr Description : This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native arm platform. -------------------------------------------------------------------------------- Update Information: - fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in the SREC parser - fix out of bounds memory write -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 13 2014 Michal Hlavinka |