Publishing details
Changelog
gdb (7.7.1-0ubuntu5~14.04.3) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via invalid value in NumberOfRvaAndSizes field
- debian/patches/CVE-2014-8501.patch: add check to bfd/peXXigen.c.
- CVE-2014-8501
* SECURITY UPDATE: stack overflow when printing bad bytes
- debian/patches/CVE-2014-9939.patch: fix escape sequences in
bfd/ihex.c, bfd/srec.c.
- CVE-2014-9939
* SECURITY UPDATE: integer overflow in string_appends
- debian/patches/CVE-2016-2226.patch: check for overflow in
libiberty/cplus-dem.c, added xmalloc_failed to
gdb/common/common-utils.c.
- CVE-2016-2226
* SECURITY UPDATE: use-after-free vulberabilities
- debian/patches/CVE-2016-4487_4488.patch: set bsize and ksize in
libiberty/cplus-dem.c, added test to
libiberty/testsuite/demangle-expected.
- CVE-2016-4487
- CVE-2016-4488
* SECURITY UPDATE: integer overflow in gnu_special
- debian/patches/CVE-2016-4489.patch: handle case where consume_count
returns -1 in libiberty/cplus-dem.c.
- CVE-2016-4489
* SECURITY UPDATE: integer overflow after sanity checks
- debian/patches/CVE-2016-4490.patch: parse numbers as integer instead
of long in libiberty/cp-demangle.c, added test to
libiberty/testsuite/demangle-expected.
- CVE-2016-4490
* SECURITY UPDATE: denial of service via infinite recursion
- debian/patches/CVE-2016-4491-1.patch: limit recursion in
include/demangle.h, libiberty/cp-demangle.c, libiberty/cp-demint.c,
added test to libiberty/testsuite/demangle-expected.
- debian/patches/CVE-2016-4491-2.patch: limit more recursion in
libiberty/cp-demangle.c.
- debian/patches/CVE-2016-4491-3.patch: initialize d_printing in
gdb/cp-name-parser.y, libiberty/cp-demangle.c.
- CVE-2016-4491
* SECURITY UPDATE: buffer overflow in do_type
- debian/patches/CVE-2016-4492_4493.patch: properly handle large values
and overflow in libiberty/cplus-dem.c, added test to
libiberty/testsuite/demangle-expected.
- CVE-2016-4492
- CVE-2016-4493
* SECURITY UPDATE: denial of service via infinite recursion
- debian/patches/CVE-2016-6131.patch: prevent infinite recursion in
libiberty/cplus-dem.c, added test to
libiberty/testsuite/demangle-expected.
- CVE-2016-6131
-- Marc Deslauriers <email address hidden> Fri, 09 Jun 2017 10:42:55 -0400
Builds
Built packages
-
gdb-dbgsym
debug symbols for package gdb
-
gdb-doc
The GNU Debugger Documentation
-
gdb-minimal
GNU Debugger (minimal version)
-
gdb-minimal-dbgsym
debug symbols for package gdb-minimal
-
gdb-multiarch
GNU Debugger (with support for multiple architectures)
-
gdb-source
GNU Debugger (source)
-
gdb64
GNU Debugger (64-bit)
-
gdbserver
GNU Debugger (remote server)
-
gdbserver-dbgsym
debug symbols for package gdbserver
Package files