elfutils 0.158-0ubuntu5.3 source package in Ubuntu
Changelog
elfutils (0.158-0ubuntu5.3) trusty-security; urgency=medium
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading
an ELF file for sanity checks. Based on upstream patch.
- CVE-2016-10254
* SECURITY UPDATE: Denial of service via memory consumption when handling
crafted ELF files
- debian/patches/CVE-2016-10255.patch: Sanity check offset and size before
trying to malloc and read data. Based on upstream patch.
- CVE-2016-10255
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7607-1.patch: Sanity check hash section contents
before processing. Based on upstream patch.
- debian/patches/CVE-2017-7607-2.patch: Fix off by one sanity check in
handle_gnu_hash. Based on upstream patch.
- CVE-2017-7607
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7608.patch: Use the empty string for note names
with zero size. Based on upstream patch.
- CVE-2017-7608
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7610.patch: Don't check section group without
flags word. Based on upstream patch.
- CVE-2017-7610
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7611.patch: Check symbol table data is big
enough before checking. Based on upstream patch.
- CVE-2017-7611
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking
hash sections. Based on upstream patch.
- CVE-2017-7612
* SECURITY UPDATE: Denial of service via memory consumption when handling
crafted ELF files
- debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and
shdrs available. Based on upstream patch.
- CVE-2017-7613
-- Tyler Hicks <email address hidden> Wed, 17 May 2017 23:27:15 +0000
Upload details
- Uploaded by:
- Tyler Hicks
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Trusty | updates | main | libs | |
| Trusty | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| elfutils_0.158.orig.tar.bz2 | 4.7 MiB | be27af5c21352f53e010342bf1c68e0b9e18232dbf3adec7e2f9b41f6bbe397d |
| elfutils_0.158-0ubuntu5.3.debian.tar.gz | 60.7 KiB | 1d50546d363681c79bc8b2ca65813c2838b776d6c1dad594e1ced857801343e9 |
| elfutils_0.158-0ubuntu5.3.dsc | 2.2 KiB | 9096d820d00f4141565fe761d0ffbbd436201776e6a0a20df8550133a44ac558 |
Available diffs
Binary packages built by this source
- elfutils: collection of utilities to handle ELF objects
Elfutils is a collection of utilities, including eu-ld (a linker),
eu-nm (for listing symbols from object files), eu-size (for listing the
section sizes of an object or archive file), eu-strip (for discarding
symbols), eu-readelf (to see the raw ELF file structures), and eu-elflint
(to check for well-formed ELF files).
- elfutils-dbgsym: debug symbols for package elfutils
Elfutils is a collection of utilities, including eu-ld (a linker),
eu-nm (for listing symbols from object files), eu-size (for listing the
section sizes of an object or archive file), eu-strip (for discarding
symbols), eu-readelf (to see the raw ELF file structures), and eu-elflint
(to check for well-formed ELF files).
- libasm-dev: libasm development libraries and header files
libasm1 allows you to create ELF files on a low level.
.
This package contains development libraries and header files for libasm1.
- libasm1: library with a programmable assembler interface
The libasm1 package provides a library with a programmable assembler
interface. It allows you to create ELF files on a low level.
.
This library is part of elfutils.
- libasm1-dbgsym: debug symbols for package libasm1
The libasm1 package provides a library with a programmable assembler
interface. It allows you to create ELF files on a low level.
.
This library is part of elfutils.
- libdw-dev: libdw1 development libraries and header files
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This package contains development libraries and header files for libdw1.
.
It also contains a static version of libdw. Only link to the static version
for special cases and when you don't need anything from the ebl backends.
- libdw1: library that provides access to the DWARF debug information
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This library is part of elfutils.
- libdw1-dbgsym: debug symbols for package libdw1
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This library is part of elfutils.
- libelf-dev: libelf1 development libraries and header files
libelf1 provides a shared library which allows reading and writing of ELF
files on a high level.
.
This package contains development libraries and header files for libelf1.
- libelf1: library to read and write ELF files
The libelf1 package provides a shared library which allows reading and
writing ELF files on a high level. Third party programs depend on
this package to read internals of ELF files. The programs of the
elfutils package use it also to generate new ELF files.
.
This library is part of elfutils.
- libelf1-dbgsym: debug symbols for package libelf1
The libelf1 package provides a shared library which allows reading and
writing ELF files on a high level. Third party programs depend on
this package to read internals of ELF files. The programs of the
elfutils package use it also to generate new ELF files.
.
This library is part of elfutils.
