UbuntuUpdates.org

Package "gdb"

Name: gdb

Description:

GNU Debugger
Latest version: 12.1-0ubuntu1~22.04.2
Release: jammy (22.04)
Level: security
Repository: main
Homepage: https://www.gnu.org/s/gdb/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "gdb"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "gdb" in Jammy

Repository Area Version
base main 12.0.90-0ubuntu1
base universe 12.0.90-0ubuntu1
security universe 12.1-0ubuntu1~22.04.2
updates main 12.1-0ubuntu1~22.04.2
updates universe 12.1-0ubuntu1~22.04.2
proposed main 12.1-0ubuntu1~22.04.3
proposed universe 12.1-0ubuntu1~22.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 12.1-0ubuntu1~22.04.2 2024-06-20 08:07:12 UTC

  gdb (12.1-0ubuntu1~22.04.2) jammy-security; urgency=low

  * SECURITY UPDATE: illegal memory access
    - debian/patches/CVE-2022-4285.patch: Fix an illegal memory access
      when parsing an ELF file containing corrupt symbol version
      information.
    - CVE-2022-4285
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2023-1972.patch: Fix an illegal memory access
      when an accessing a zero-length verdef table.
    - CVE-2023-1972
  * SECURITY UPDATE: stack buffer overflow
    - debian/patches/CVE-2023-39128.patch: Avoid buffer overflow in
      ada_decode
    - CVE-2023-39128
  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2023-39129-1.patch: Verify COFF symbol
      stringtab offset
    - debian/patches/CVE-2023-39129-2.patch: Fix gdb/coffread.c build on
      32bit architectures
    - debian/patches/CVE-2023-39129-3.patch: Use hex_string in
      gdb/coffread.c instead of PRIxPTR
    - CVE-2023-39129
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2023-39130.patch: gdb: warn unused result for
      bfd IO functions
    - CVE-2023-39130

 -- Bruce Cable <email address hidden> Thu, 13 Jun 2024 11:58:36 +1000
CVE-2022-4285 An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a de
CVE-2023-1972 A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVE-2023-39128 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
CVE-2023-39129 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
CVE-2023-39130 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.


About   -   Send Feedback to @ubuntu_updates