drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in elfutils
Name: |
Mehrere Probleme in elfutils |
|
ID: |
FEDORA-2018-91382c7bd3 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 29 |
|
Datum: |
So, 18. November 2018, 11:26 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18310
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18520 |
|
Applikationen: |
elfutils |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-91382c7bd3 2018-11-18 03:55:01.924086 ------------------------------------------------------------------------------- -
Name : elfutils Product : Fedora 29 Version : 0.174 Release : 5.fc29 URL : http://elfutils.org/ Summary : A collection of utilities and DSOs to handle ELF files and DWARF data Description : Elfutils is a collection of utilities, including stack (to show backtraces), nm (for listing symbols from object files), size (for listing the section sizes of an object or archive file), strip (for discarding symbols), readelf (to see the raw ELF file structures), elflint (to check for well-formed ELF files) and elfcompress (to compress or decompress ELF sections).
------------------------------------------------------------------------------- - Update Information:
Add support for ELF version, gnu property and gnu attrbutes notes. Fix eu-strip /eu-unstrip section group handling. Fixes CVE-2018-18310, CVE-2018-18520 and CVE-2018-18521. ------------------------------------------------------------------------------- - ChangeLog:
* Wed Nov 14 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.174-5 - Add elfutils-0.174-x86_64_unwind.patch. - Add elfutils-0.174-gnu-property-note.patch. - Add elfutils-0.174-version-note.patch. - Add elfutils-0.174-gnu-attribute-note.patch * Tue Nov 6 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.174-4 - Add elfutils-0.174-size-rec-ar.patch CVE-2018-18520 (#1646478) - Add elfutils-0.174-ar-sh_entsize-zero.patch CVE-2018-18521 (#1646483) * Fri Nov 2 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.174-3 - Add elfutils-0.174-libdwfl-sanity-check-core-reads.patch CVE-2018-18310 (#1642605) * Wed Oct 17 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.174-2 - Add elfutils-0.174-strip-unstrip-group.patch. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1642604 - CVE-2018-18310 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl https://bugzilla.redhat.com/show_bug.cgi?id=1642604 [ 2 ] Bug #1646477 - CVE-2018-18520 elfutils: Invalid Memory Address Dereference exists in the function elf_end in libelf https://bugzilla.redhat.com/show_bug.cgi?id=1646477 [ 3 ] Bug #1646482 - CVE-2018-18521 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c https://bugzilla.redhat.com/show_bug.cgi?id=1646482 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-91382c7bd3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|