ELSA-2020-1797

ELSA-2020-1797 - binutils security and bug fix update

Type:SECURITY
Impact:LOW
Release Date:2020-05-05

Description


[2.30-73.0.1]
- Forward-port of Oracle patches from 2.30-68.0.2.
- Reviewed-by: Elena Zannoni

[2.30-68.0.2]
- Backport the non-cycle-detecting-capable deduplicating CTF linker
- Backport a fix for an upstream hashtab crash (no upstream bug number),
triggered by the above.
- Fix deduplication of ambiguously-named types in CTF.
- CTF types without names are not ambiguously-named.
- Stop the CTF_LINK_EMPTY_CU_MAPPINGS flag crashing.
- Only emit ambiguous types as hidden if they are named and there is already
a type with that name.
- Make sure completely empty dicts get their header written out properly
- Do not fail if adding anonymous struct/union members to structs/unions that
already contain other anonymous members at a different offset
- Correctly look up pointers to non-root-visible structures
- Emit error messages in dumping into the dump stream
- Do not abort early on dump-time errors
- Elide likely duplicates (same name, same kind) within a single TU (cross-
TU duplicate/ambiguous-type detection works as before).
- Fix linking of the CTF variable section
- Fix spurious conflicts of variables (also affects the nondeduplicating linker)
- Defend against CUs without names
- When linking only a single input file, set the output CTF CU name to the
name of the input
- Support cv-qualified bitfields
- Fix off-by-one error in SHA-1 sizing

[2.30-73]
- Remove bogus assertion. (#1801879)

[2.30-72]
- Allow the BFD library to handle the copying of files containing secondary reloc sections. (#1801879)

[2.30-68.0.1]
- Ensure 8-byte alignment for AArch64 stubs.
- Add CTF support to OL8: CTF machinery, including libctf.so and
libctf-nonbfd.so. The linker does not yet deduplicate the CTF type section.
- Backport of fix for upstream bug 23919, required by above
- [Orabug: 30102938] [Orabug: 30102941]

[2.30-71]
- Fix a potential seg-fault in the BFD library when parsing pathalogical debug_info sections. (#1779245)
- Fix a potential memory exhaustion in the BFD library when parsing corrupt DWARF debug information.

[2.30-70]
- Re-enable strip merging build notes. (#1777760)

[2.30-69]
- Fix linker testsuite failures triggered by annobin update.

[2.30-68]
- Backport H.J.Lus patch to add a workaround for the JCC Errata to the assembler. (#1777002)

[2.30-67]
- Fix a buffer overrun in the note merging code. (#1774507)

[2.30-66]
- Fix a seg-fault in gold when linking corrupt input files. (#1739254)

[2.30-65]
- NVR bump to allow rebuild with reverted version of glibc in the buildroot.

[2.30-64]
- Stop note merging with no effect from creating null filled note sections.

[2.30-63]
- Stop objcopy from generating a exit failure status when merging corrupt notes.

[2.30-62]
- Fix binutils testsuite failure introduced by -60 patch. (#1767711)

[2.30-61]
- Enable threading in the GOLD linker. (#1729225)
- Add check to readelf in order to prevent an integer overflow.

[2.30-60]
- Add support for SVE Vector PCS on AArch64. (#1726637)
- Add fixes for coverity test failures.
- Improve objcopys ability to merge GNU build attribute notes.

[2.30-59]
- Stop the linker from merging groups with different settings of the SHF_EXCLUDE flag. (#1730906)


Related CVEs


CVE-2019-1010204
CVE-2019-17451

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_aarch64_appstream
binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_aarch64_baseos_latest
binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_aarch64_u2_baseos_base
binutils-2.30-73.0.1.el8.aarch64.rpm081a78dfeb97b6248846eaa65c09d32e3f222725ba91c8e0c467099754962d1e-ol8_aarch64_baseos_latest
binutils-2.30-73.0.1.el8.aarch64.rpm081a78dfeb97b6248846eaa65c09d32e3f222725ba91c8e0c467099754962d1e-ol8_aarch64_u2_baseos_base
binutils-devel-2.30-73.0.1.el8.aarch64.rpm6cc2f0fbcc534c4c6657f12b82773dacce16ee4629c18b7827e4b104ddd85344-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_x86_64_appstream
binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_x86_64_baseos_latest
binutils-2.30-73.0.1.el8.src.rpmc8cc88a7a8a3a440351cbaf61207d0b5b71308c525e9a47b5f476fb87b7b7a2b-ol8_x86_64_u2_baseos_base
binutils-2.30-73.0.1.el8.x86_64.rpm48f809bfee85827c9be5d8fcdc04a79e6debe76e49d57e3d8da5f09c6d8184c5-ol8_x86_64_baseos_latest
binutils-2.30-73.0.1.el8.x86_64.rpm48f809bfee85827c9be5d8fcdc04a79e6debe76e49d57e3d8da5f09c6d8184c5-ol8_x86_64_u2_baseos_base
binutils-devel-2.30-73.0.1.el8.i686.rpmde872e9a27a248cb9f96d195746afb63e04b1acde1fb20b29afdcabea7d2e531-ol8_x86_64_appstream
binutils-devel-2.30-73.0.1.el8.x86_64.rpm5b0b41fb74736a8a57a0bf67bf8721f068aba37bdc3acc7188369aba78cb2a9c-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete