Publishing details

• Published on 2019-06-10
• Copied from ubuntu xenial in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

elfutils (0.165-3ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via a crafted file
    - debian/patches/CVE-2018-16062.patch: make sure there is enough data
      to read full aranges header in libdw/dwarf_getaranges.c,
      src/readelf.c.
    - CVE-2018-16062
  * SECURITY UPDATE: double free and application crash
    - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu
      is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c,
      libelf/libelf.h.
    - CVE-2018-16402
  * SECURITY UPDATE: incorrect end of the attributes list check
    - debian/patches/CVE-2018-16403.patch: check end of attributes list
      consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c.
    - CVE-2018-16403
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18310.patch: sanity check partial core file
      data reads in libdwfl/dwfl_segment_report_module.c.
    - CVE-2018-18310
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in
      src/size.c.
    - CVE-2018-18520
  * SECURITY UPDATE: divide by zero vulnerabilties
    - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero
      in src/arlib.c.
    - CVE-2018-18521
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in
      dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c,
      src/readelf.c.
    - CVE-2019-7149
  * SECURITY UPDATE: incorrect truncated dyn data read handling
    - debian/patches/CVE-2019-7150.patch: sanity check partial core file
      dyn data read in libdwfl/dwfl_segment_report_module.c.
    - CVE-2019-7150
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
      contain a zero terminated string in libdwfl/linux-core-attach.c,
      libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
    - CVE-2019-7665

 -- Marc Deslauriers <email address hidden>  Fri, 07 Jun 2019 12:37:02 -0400

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el
• s390x

Built packages

• elfutils collection of utilities to handle ELF objects

• elfutils-dbgsym debug symbols for package elfutils

• libasm-dev libasm development libraries and header files

• libasm1 library with a programmable assembler interface

• libasm1-dbgsym debug symbols for package libasm1

• libdw-dev libdw1 development libraries and header files

• libdw1 library that provides access to the DWARF debug information

• libdw1-dbgsym debug symbols for package libdw1

• libelf-dev libelf1 development libraries and header files

• libelf1 library to read and write ELF files

• libelf1-dbgsym debug symbols for package libelf1

Package files

• elfutils-dbgsym_0.165-3ubuntu1.2_amd64.ddeb (594.8 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_arm64.ddeb (599.6 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_armhf.ddeb (584.1 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_i386.ddeb (528.3 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_powerpc.ddeb (556.5 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_ppc64el.ddeb (650.0 KiB)
• elfutils-dbgsym_0.165-3ubuntu1.2_s390x.ddeb (560.6 KiB)
• elfutils_0.165-3ubuntu1.2.debian.tar.xz (50.8 KiB)
• elfutils_0.165-3ubuntu1.2.dsc (2.3 KiB)
• elfutils_0.165-3ubuntu1.2_amd64.deb (274.7 KiB)
• elfutils_0.165-3ubuntu1.2_arm64.deb (243.0 KiB)
• elfutils_0.165-3ubuntu1.2_armhf.deb (255.2 KiB)
• elfutils_0.165-3ubuntu1.2_i386.deb (289.2 KiB)
• elfutils_0.165-3ubuntu1.2_powerpc.deb (252.3 KiB)
• elfutils_0.165-3ubuntu1.2_ppc64el.deb (270.8 KiB)
• elfutils_0.165-3ubuntu1.2_s390x.deb (273.4 KiB)
• elfutils_0.165.orig.tar.bz2 (6.2 MiB)
• libasm-dev_0.165-3ubuntu1.2_amd64.deb (16.9 KiB)
• libasm-dev_0.165-3ubuntu1.2_arm64.deb (15.7 KiB)
• libasm-dev_0.165-3ubuntu1.2_armhf.deb (15.7 KiB)
• libasm-dev_0.165-3ubuntu1.2_i386.deb (17.7 KiB)
• libasm-dev_0.165-3ubuntu1.2_powerpc.deb (16.0 KiB)
• libasm-dev_0.165-3ubuntu1.2_ppc64el.deb (17.1 KiB)
• libasm-dev_0.165-3ubuntu1.2_s390x.deb (17.1 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_amd64.ddeb (42.1 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_arm64.ddeb (43.8 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_armhf.ddeb (42.5 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_i386.ddeb (39.0 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_powerpc.ddeb (42.5 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_ppc64el.ddeb (44.7 KiB)
• libasm1-dbgsym_0.165-3ubuntu1.2_s390x.ddeb (40.1 KiB)
• libasm1_0.165-3ubuntu1.2_amd64.deb (15.1 KiB)
• libasm1_0.165-3ubuntu1.2_arm64.deb (13.0 KiB)
• libasm1_0.165-3ubuntu1.2_armhf.deb (13.6 KiB)
• libasm1_0.165-3ubuntu1.2_i386.deb (17.3 KiB)
• libasm1_0.165-3ubuntu1.2_powerpc.deb (15.7 KiB)
• libasm1_0.165-3ubuntu1.2_ppc64el.deb (15.3 KiB)
• libasm1_0.165-3ubuntu1.2_s390x.deb (14.9 KiB)
• libdw-dev_0.165-3ubuntu1.2_amd64.deb (153.1 KiB)
• libdw-dev_0.165-3ubuntu1.2_arm64.deb (137.0 KiB)
• libdw-dev_0.165-3ubuntu1.2_armhf.deb (146.1 KiB)
• libdw-dev_0.165-3ubuntu1.2_i386.deb (172.9 KiB)
• libdw-dev_0.165-3ubuntu1.2_powerpc.deb (151.2 KiB)
• libdw-dev_0.165-3ubuntu1.2_ppc64el.deb (153.1 KiB)
• libdw-dev_0.165-3ubuntu1.2_s390x.deb (151.1 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_amd64.ddeb (576.4 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_arm64.ddeb (589.2 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_armhf.ddeb (589.2 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_i386.ddeb (554.9 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_powerpc.ddeb (581.1 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_ppc64el.ddeb (619.1 KiB)
• libdw1-dbgsym_0.165-3ubuntu1.2_s390x.ddeb (564.1 KiB)
• libdw1_0.165-3ubuntu1.2_amd64.deb (187.1 KiB)
• libdw1_0.165-3ubuntu1.2_arm64.deb (157.7 KiB)
• libdw1_0.165-3ubuntu1.2_armhf.deb (173.6 KiB)
• libdw1_0.165-3ubuntu1.2_i386.deb (214.5 KiB)
• libdw1_0.165-3ubuntu1.2_powerpc.deb (182.7 KiB)
• libdw1_0.165-3ubuntu1.2_ppc64el.deb (181.2 KiB)
• libdw1_0.165-3ubuntu1.2_s390x.deb (180.5 KiB)
• libelf-dev_0.165-3ubuntu1.2_amd64.deb (53.2 KiB)
• libelf-dev_0.165-3ubuntu1.2_arm64.deb (48.8 KiB)
• libelf-dev_0.165-3ubuntu1.2_armhf.deb (51.0 KiB)
• libelf-dev_0.165-3ubuntu1.2_i386.deb (57.8 KiB)
• libelf-dev_0.165-3ubuntu1.2_powerpc.deb (51.1 KiB)
• libelf-dev_0.165-3ubuntu1.2_ppc64el.deb (53.9 KiB)
• libelf-dev_0.165-3ubuntu1.2_s390x.deb (53.4 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_amd64.ddeb (123.6 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_arm64.ddeb (124.3 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_armhf.ddeb (126.8 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_i386.ddeb (119.1 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_powerpc.ddeb (121.6 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_ppc64el.ddeb (127.1 KiB)
• libelf1-dbgsym_0.165-3ubuntu1.2_s390x.ddeb (122.0 KiB)
• libelf1_0.165-3ubuntu1.2_amd64.deb (42.5 KiB)
• libelf1_0.165-3ubuntu1.2_arm64.deb (36.4 KiB)
• libelf1_0.165-3ubuntu1.2_armhf.deb (40.2 KiB)
• libelf1_0.165-3ubuntu1.2_i386.deb (48.6 KiB)
• libelf1_0.165-3ubuntu1.2_powerpc.deb (42.2 KiB)
• libelf1_0.165-3ubuntu1.2_ppc64el.deb (41.5 KiB)
• libelf1_0.165-3ubuntu1.2_s390x.deb (41.8 KiB)