UbuntuUpdates.org

Package "libctf-nobfd0"

Name: libctf-nobfd0

Description:

Compact C Type Format library (runtime, no BFD dependency)

Latest version: 2.34-6ubuntu1.9
Release: focal (20.04)
Level: security
Repository: main
Head package: binutils
Homepage: https://www.gnu.org/software/binutils/

Links


Download "libctf-nobfd0"


Other versions of "libctf-nobfd0" in Focal

Repository Area Version
base main 2.34-6ubuntu1
updates main 2.34-6ubuntu1.9

Changelog

Version: 2.34-6ubuntu1.4 2022-12-05 20:06:26 UTC

  binutils (2.34-6ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2022-38533.patch: strip possibly
      heap-buffer-overflow in bfd/coffcode.h.
    - CVE-2022-38533

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 30 Aug 2022 09:53:48 -0300

Source diff to previous version
CVE-2022-38533 In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new v

Version: 2.34-6ubuntu1.3 2021-10-25 17:06:22 UTC

  binutils (2.34-6ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: Use after free in bfd_hash_lookup
    - debian/patches/CVE-2020-16592.patch: don't use a pointer into strings
      that may be freed for section name in bfd/peXXigen.c.
    - CVE-2020-16592
  * SECURITY UPDATE: DoS via memory consumption in DWARF debug sections
    - debian/patches/CVE-2021-3487.patch: check for debug sections with
      excessive sizes in bfd/dwarf2.c.
    - CVE-2021-3487

 -- Marc Deslauriers <email address hidden> Wed, 20 Oct 2021 07:09:55 -0400

Source diff to previous version
CVE-2020-16592 A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm
CVE-2021-3487 There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and

Version: 2.34-6ubuntu1.1 2021-02-18 11:07:09 UTC

  binutils (2.34-6ubuntu1.1) focal; urgency=medium

  * Backporting upstream commit 26b6ab7a0e to accept vector alignment
    hints on z13 (LP: #1889742)

 -- William 'jawn-smith' Wilson <email address hidden> Thu, 21 Jan 2021 09:23:33 -0600

1889742 [UBUNTU 20.04] Accept vector alignment hints on z13 (binutils)



About   -   Send Feedback to @ubuntu_updates