drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in elfutils
Name: |
Überschreiben von Dateien in elfutils |
|
ID: |
FEDORA-2015-0677 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Mi, 21. Januar 2015, 07:38 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447 |
|
Applikationen: |
elfutils |
|
Originalnachricht |
Name : elfutils Product : Fedora 20 Version : 0.161 Release : 2.fc20 URL : https://fedorahosted.org/elfutils/ Summary : A collection of utilities and DSOs to handle compiled objects Description : Elfutils is a collection of utilities, including stack (to show backtraces), nm (for listing symbols from object files), size (for listing the section sizes of an object or archive file), strip (for discarding symbols), readelf (to see the raw ELF file structures), and elflint (to check for well-formed ELF files).
------------------------------------------------------------------------------- - Update Information:
Update to elfutils 0.161. Security fix for CVE-2014-9447. ------------------------------------------------------------------------------- - ChangeLog:
* Tue Jan 13 2015 Mark Wielaard <mjw@redhat.com> - 0.161-2 - Add elfutils-0.161-ar-long-name.patch (#1181525 CVE-2014-9447) * Fri Dec 19 2014 Mark Wielaard <mjw@redhat.com> - 0.161-1 - Update to 0.161. * Wed Aug 27 2014 Mark Wielaard <mjw@redhat.com> - 0.160-1 - Update to 0.160. - Remove integrated upstream patches: elfutils-aarch64-user_regs_struct.patch elfutils-0.159-argp-attach.patch elfutils-0.159-aarch64-bool-ret.patch elfutils-0.159-elf-h.patch elfutils-0.159-ppc64le-elfv2-abi.patch elfutils-0.159-report_r_debug.patch elfutils-0.159-ko_xz.patch * Sat Aug 16 2014 Mark Wielaard <mjw@redhat.com> - 0.159-10 - Add elfutils-0.159-ko_xz.patch * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.159-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Mon Jul 28 2014 Mark Wielaard <mjw@redhat.com> - 0.159-8 - Add elfutils-0.159-report_r_debug.patch (#1112610) * Fri Jul 18 2014 Mark Wielaard <mjw@redhat.com> - 0.159-7 - Add configure check to elfutils-aarch64-user_regs_struct.patch. * Sat Jul 12 2014 Tom Callaway <spot@fedoraproject.org> - 0.159-6 - fix license handling * Fri Jul 4 2014 Mark Wielaard <mjw@redhat.com> - 0.159-5 - Add elfutils-0.159-aarch64-bool-ret.patch - Add elfutils-0.159-elf-h.patch - Add elfutils-0.159-ppc64le-elfv2-abi.patch (#1110249) * Tue Jun 10 2014 Mark Wielaard <mjw@redhat.com> - 0.159-4 - Add elfutils-0.159-argp-attach.patch (#1107654) * Mon Jun 9 2014 Kyle McMartin <kyle@fedoraproject.org> - 0.159-3 - AArch64: handle new glibc-headers which provides proper GETREGSET structs. * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.159-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon May 19 2014 Mark Wielaard <mjw@redhat.com> - 0.159-1 - Update to 0.159. - Remove integrated upstream patches: robustify.patch, mod-e_type.patch and CVE-2014-0172.patch. - Remove special handling of now default compile and configure flags: Don't remove -Werror=format-security, don't configure --enable-dwz. * Thu Apr 10 2014 Mark Wielaard <mjw@redhat.com> - 0.158-3 - Add elfutils-0.158-CVE-2014-0172.patch (#1085729) * Tue Mar 11 2014 Mark Wielaard <mjw@redhat.com> - 0.158-2 - Add elfutils-0.158-mod-e_type.patch. * Mon Jan 6 2014 Mark Wielaard <mjw@redhat.com> - 0.158-1 - Update to 0.158. Remove all patches now upstream. Add eu-stack. * Thu Dec 19 2013 Mark Wielaard <mjw@redhat.com> - 0.157-4 - Add elfutils-0.157-aarch64-got-special-symbol.patch. - Remove -Werror=format-security from RPM_OPT_FLAGS. * Fri Dec 13 2013 Petr Machata <pmachata@redhat.com> - 0.157-3 - Add upstream support for aarch64 * Wed Oct 9 2013 Mark Wielaard <mjw@redhat.com> 0.157-2 - Show tests/test-suite.log in build.log when make check fails. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1178888 - CVE-2014-9447 elfutils: directory traversal in read_long_names() https://bugzilla.redhat.com/show_bug.cgi?id=1178888 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update elfutils' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|