UbuntuUpdates.org

Package "binutils-doc"

Name: binutils-doc

Description:

Documentation for the GNU assembler, linker and binary utilities

Latest version: 2.24-5ubuntu14.2
Release: trusty (14.04)
Level: security
Repository: main
Head package: binutils

Links


Download "binutils-doc"


Other versions of "binutils-doc" in Trusty

Repository Area Version
base main 2.24-5ubuntu3
updates main 2.24-5ubuntu14.2

Changelog

Version: 2.24-5ubuntu14.2 2017-05-08 12:06:38 UTC

  binutils (2.24-5ubuntu14.2) trusty; urgency=medium

  * 002-dont-segv-on-initial-instructions-overflow.patch:
    Fix ld crash on arm64 (LP: #1644363)

 -- Julian Andres Klode <email address hidden> Tue, 25 Apr 2017 17:02:10 +0200

Source diff to previous version
1644363 [trusty/arm64] binutils segfaults on bash gettext configure test

Version: 2.24-5ubuntu14.1 2016-05-17 02:07:02 UTC

  binutils (2.24-5ubuntu14.1) trusty-security; urgency=medium

  * No-change rebuild in the trusty-security pocket to address issues
    building linux kernel and openjdk-7 security updates (LP: #1577553)

Source diff to previous version
1577553 Apply gcc-4.8 updates to trusty-security pocket

Version: 2.24-5ubuntu3.1 2015-02-09 22:06:24 UTC

  binutils (2.24-5ubuntu3.1) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read in srec_scan of bfd/srec.c
    - debian/patches/binutils-CVE-2014-8484.patch: report an error for
      S-records with less than the miniumum size
    - debian/patches/series: disable srec_scan_null_deref.diff as it is
      an incomplete fix for this issue and did not go upstream
    - CVE-2014-8484
  * SECURITY UPDATE: incorrect memory handling around corrupt group
    section headers
    - debian/patches/binutils-CVE-2014-8485.patch: Improve handling of
      corrupt group sections
    - CVE-2014-8485
  * SECURITY UPDATE: out-of-bounds write in _bfd_XXi_swap_aouthdr_in
    - debian/patches/binutils-CVE-2014-8501.patch: Handle corrupt
      binaries with an invalid value for NumberOfRvaAndSizes.
    - CVE-2014-8501
  * SECURITY UPDATE: pe_print_edata buffer overflow
    - debian/patches/binutils-CVE-2014-8502.patch: Detect out of
      range and truncated rvas or entry counts
    - CVE-2014-8502
  * SECURITY UPDATE: ihex_scan buffer overflow
    - debian/patches/binutils-CVE-2014-8503.patch: Fix typo in
      invocation of ihex_bad_byte.
    - CVE-2014-8503
  * SECURITY UPDATE: srec_scan buffer overflow
    - debian/patches/binutils-CVE-2014-8504.patch: Increase size of buf
    - CVE-2014-8504
  * SECURITY UPDATE: directory traversal vulnerabilities
    - debian/patches/binutils-CVE-2014-8737.patch: disallow paths that
      include ../
    - CVE-2014-8737
  * SECURITY UPDATE: _bfd_slurp_extended_name_table out-of-bounds write
    - debian/patches/binutils-CVE-2014-8738.patch: Handle archives
      with corrupt extended name tables.
    - CVE-2014-8738
  * SECURITY UPDATE: multiple miscellaneous overflows and out-of-bounds
    reads and writes
    - debian/patches/binutils-bz17512_prereqs.patch: cherrypicked
      prerequisite commits needed to apply following patch
    - debian/patches/binutils-bz17512-misc.patch: fix invalid memory
      accesses.
  * Security hardening: don't use libbfd by default in strings(1)
    - debian/patches/binutils-harden_strings.patch: Add new command
      line option --data to only scan the initialized, loadable data
      sections of binaries, using libbfd; make --all the default.
 -- Steve Beattie <email address hidden> Mon, 09 Feb 2015 02:09:07 -0800

CVE-2014-8484 The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read)
CVE-2014-8485 The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and pos
CVE-2014-8501 The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of
CVE-2014-8502 Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denia
CVE-2014-8503 Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of ser
CVE-2014-8504 Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of ser
CVE-2014-8737 Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full
CVE-2014-8738 The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (i



About   -   Send Feedback to @ubuntu_updates