binutils 2.24.90.20141014-0ubuntu3.1 source package in Ubuntu
Changelog
binutils (2.24.90.20141014-0ubuntu3.1) utopic-security; urgency=medium
* SECURITY UPDATE: incorrect memory handling around corrupt group
section headers
- debian/patches/binutils-CVE-2014-8485.patch: Improve handling of
corrupt group sections
- CVE-2014-8485
* SECURITY UPDATE: out-of-bounds write in _bfd_XXi_swap_aouthdr_in
- debian/patches/binutils-CVE-2014-8501.patch: Handle corrupt
binaries with an invalid value for NumberOfRvaAndSizes.
- CVE-2014-8501
* SECURITY UPDATE: pe_print_edata buffer overflow
- debian/patches/binutils-CVE-2014-8502.patch: Detect out of
range and truncated rvas or entry counts
- CVE-2014-8502
* SECURITY UPDATE: ihex_scan buffer overflow
- debian/patches/binutils-CVE-2014-8503.patch: Fix typo in
invocation of ihex_bad_byte.
- CVE-2014-8503
* SECURITY UPDATE: srec_scan buffer overflow
- debian/patches/binutils-CVE-2014-8504.patch: Increase size of buf
- CVE-2014-8504
* SECURITY UPDATE: directory traversal vulnerabilities
- debian/patches/binutils-CVE-2014-8737.patch: disallow paths that
include ../
- CVE-2014-8737
* SECURITY UPDATE: _bfd_slurp_extended_name_table out-of-bounds write
- debian/patches/binutils-CVE-2014-8738.patch: Handle archives
with corrupt extended name tables.
- CVE-2014-8738
* SECURITY UPDATE: multiple miscellaneous overflows and out-of-bounds
reads and writes
- debian/patches/binutils-bz17512-misc.patch: fix invalid memory
accesses.
* Security hardening: don't use libbfd by default in strings(1)
- debian/patches/binutils-harden_strings.patch: Add new command
line option --data to only scan the initialized, loadable data
sections of binaries, using libbfd; make --all the default.
-- Steve Beattie <email address hidden> Mon, 09 Feb 2015 03:11:18 -0800
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Utopic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| binutils_2.24.90.20141014.orig.tar.gz | 28.2 MiB | 03482df62bd8d7c6e515ec711ff2802fbea2e015af783f7375a279c138ab345f |
| binutils_2.24.90.20141014-0ubuntu3.1.diff.gz | 173.4 KiB | d106fb00f0167620948a990f364b2be2d32b178dc484a9be49800f0249cf44d1 |
| binutils_2.24.90.20141014-0ubuntu3.1.dsc | 2.5 KiB | 36e7b3c306496c76c757ebc440a525c9f8e70784c42575b0dbe9fe7f00188865 |
Available diffs
Binary packages built by this source
- binutils: No summary available for binutils in ubuntu utopic.
No description available for binutils in ubuntu utopic.
- binutils-dev: No summary available for binutils-dev in ubuntu utopic.
No description available for binutils-dev in ubuntu utopic.
- binutils-doc: No summary available for binutils-doc in ubuntu utopic.
No description available for binutils-doc in ubuntu utopic.
- binutils-multiarch: No summary available for binutils-multiarch in ubuntu utopic.
No description available for binutils-multiarch in ubuntu utopic.
- binutils-multiarch-dev: No summary available for binutils-multiarch-dev in ubuntu utopic.
No description available for binutils-
multiarch- dev in ubuntu utopic.
- binutils-source: No summary available for binutils-source in ubuntu utopic.
No description available for binutils-source in ubuntu utopic.
- binutils-static: No summary available for binutils-static in ubuntu utopic.
No description available for binutils-static in ubuntu utopic.
- binutils-static-udeb: No summary available for binutils-static-udeb in ubuntu utopic.
No description available for binutils-
static- udeb in ubuntu utopic.
