Stay Connected:

ELSA-2015-2079

ELSA-2015-2079 - binutils security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2015-11-23

Description


[2.23.52.0.1-55]
- Add missing delta to patch that fixes parsing corrupted archives.
(#1162666)

[2.23.52.0.1-54]
- Import patch for PR 18270: Create AArch64 GOT entries for local symbols.
(#1238783)

[2.23.52.0.1-51]
- Fix incorrectly generated binaries and DSOs on PPC platforms.
(#1247126)

[2.23.52.0.1-50]
- Fix memory corruption parsing corrupt archives.
(#1162666)

[2.23.52.0.1-49]
- Fix directory traversal vulnerability.
(#1162655)

[2.23.52.0.1-48]
- Fix stack overflow in SREC parser.
(#1162621)

[2.23.52.0.1-47]
- Fix stack overflow whilst parsing a corrupt iHex file.
(#1162607)

[2.23.52.0.1-46]
- Fix out of bounds memory accesses when parsing corrupt PE binaries.
(#1162594, #1162570)

[2.23.52.0.1-45]
- Change strings program to default to -a. Fix problems parsing
files containg corrupt ELF group sections. (#1157276)

[2.23.52.0.1-44]
- Avoid reading beyond function boundary when disassembling.
(#1060282)

- For binary ouput, we don't have an ELF bfd output so can't access
elf_elfheader. (#1226864)

[2.23.52.0.1-43]
- Don't discard stap probe note sections on aarch64 (#1225091)

[2.23.52.0.1-42]
- Clamp maxpagesize at 1 (rather than 0) to avoid segfaults
in the linker when passed a bogus max-page-size argument.
(#1203449)

[2.23.52.0.1-41]
- Fixup bfd elf_link_add_object_symbols for ppc64 to prevent subsequent
uninitialized accesses elsewhere. (#1172766)

[2.23.52.0.1-40]
- Minor testsuite adjustments for PPC changes in -38/-39.
(#1183838)
Fix md_assemble for PPC to handle arithmetic involving the TOC
better. (#1183838)

[2.23.52.0.1-39]
- Fix ppc64: segv in libbfd (#1172766).

[2.23.52.0.1-38]
- Unconditionally apply ppc64le patches (#1183838).

[2.23.52.0.1-37]
- Andreas's backport of z13 and dependent fixes for s390,
including tesetcase fix from Apr 27, 2015. (#1182153)

[2.23.52.0.1-35]
- Fixup testsuite for AArch64 (#1182111)
- Add support for @localentry for LE PPC64 (#1194164)

[2.23.52.0.1-34]
- Do not install windmc(1) man page (#850832)

[2.23.52.0.1-33]
- Don't replace R_390_TLS_LE{32,64} with R_390_TLS_TPOFF for PIE
(#872148)
- Enable relro by default for arm and aarch64 (#1203449)
- Backport 3 RELRO improvements for ppc64/ppc64le from upstream
(#1175624)

[2.23.52.0.1-31]
- Backport upstream RELRO fixes. (#1200138)


Related CVEs


CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737
CVE-2014-8738

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) binutils-2.23.52.0.1-55.el7.src.rpm9071f16a81b80d72759ed65794155060ELBA-2020-5937
binutils-2.23.52.0.1-55.el7.x86_64.rpmda6f531d935f65301c03a702eec17ac8ELBA-2020-5937
binutils-devel-2.23.52.0.1-55.el7.i686.rpmc0c9fca3683f9a1725b765802f204824ELBA-2020-5937
binutils-devel-2.23.52.0.1-55.el7.x86_64.rpmdc8fd2cdfb25f1174dde13822ea68082ELBA-2020-5937



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights