Package "binutils-multiarch"
Name: |
binutils-multiarch
|
Description: |
Binary utilities that support multi-arch targets
|
Latest version: |
2.24-5ubuntu14.2 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Head package: |
binutils |
Links
Download "binutils-multiarch"
Other versions of "binutils-multiarch" in Trusty
Changelog
binutils (2.24-5ubuntu14.2) trusty; urgency=medium
* 002-dont-segv-on-initial-instructions-overflow.patch:
Fix ld crash on arm64 (LP: #1644363)
-- Julian Andres Klode <email address hidden> Tue, 25 Apr 2017 17:02:10 +0200
|
Source diff to previous version |
1644363 |
[trusty/arm64] binutils segfaults on bash gettext configure test |
|
binutils (2.24-5ubuntu14.1) trusty-security; urgency=medium
* No-change rebuild in the trusty-security pocket to address issues
building linux kernel and openjdk-7 security updates (LP: #1577553)
|
Source diff to previous version |
1577553 |
Apply gcc-4.8 updates to trusty-security pocket |
|
binutils (2.24-5ubuntu3.1) trusty-security; urgency=medium
* SECURITY UPDATE: out-of-bounds read in srec_scan of bfd/srec.c
- debian/patches/binutils-CVE-2014-8484.patch: report an error for
S-records with less than the miniumum size
- debian/patches/series: disable srec_scan_null_deref.diff as it is
an incomplete fix for this issue and did not go upstream
- CVE-2014-8484
* SECURITY UPDATE: incorrect memory handling around corrupt group
section headers
- debian/patches/binutils-CVE-2014-8485.patch: Improve handling of
corrupt group sections
- CVE-2014-8485
* SECURITY UPDATE: out-of-bounds write in _bfd_XXi_swap_aouthdr_in
- debian/patches/binutils-CVE-2014-8501.patch: Handle corrupt
binaries with an invalid value for NumberOfRvaAndSizes.
- CVE-2014-8501
* SECURITY UPDATE: pe_print_edata buffer overflow
- debian/patches/binutils-CVE-2014-8502.patch: Detect out of
range and truncated rvas or entry counts
- CVE-2014-8502
* SECURITY UPDATE: ihex_scan buffer overflow
- debian/patches/binutils-CVE-2014-8503.patch: Fix typo in
invocation of ihex_bad_byte.
- CVE-2014-8503
* SECURITY UPDATE: srec_scan buffer overflow
- debian/patches/binutils-CVE-2014-8504.patch: Increase size of buf
- CVE-2014-8504
* SECURITY UPDATE: directory traversal vulnerabilities
- debian/patches/binutils-CVE-2014-8737.patch: disallow paths that
include ../
- CVE-2014-8737
* SECURITY UPDATE: _bfd_slurp_extended_name_table out-of-bounds write
- debian/patches/binutils-CVE-2014-8738.patch: Handle archives
with corrupt extended name tables.
- CVE-2014-8738
* SECURITY UPDATE: multiple miscellaneous overflows and out-of-bounds
reads and writes
- debian/patches/binutils-bz17512_prereqs.patch: cherrypicked
prerequisite commits needed to apply following patch
- debian/patches/binutils-bz17512-misc.patch: fix invalid memory
accesses.
* Security hardening: don't use libbfd by default in strings(1)
- debian/patches/binutils-harden_strings.patch: Add new command
line option --data to only scan the initialized, loadable data
sections of binaries, using libbfd; make --all the default.
-- Steve Beattie <email address hidden> Mon, 09 Feb 2015 02:09:07 -0800
|
CVE-2014-8484 |
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) |
CVE-2014-8485 |
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and pos |
CVE-2014-8501 |
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of |
CVE-2014-8502 |
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denia |
CVE-2014-8503 |
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of ser |
CVE-2014-8504 |
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of ser |
CVE-2014-8737 |
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full |
CVE-2014-8738 |
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (i |
|
About
-
Send Feedback to @ubuntu_updates