Format: 1.8 Date: Wed, 17 May 2017 23:27:15 +0000 Source: elfutils Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev Architecture: ppc64el ppc64el_translations Version: 0.165-3ubuntu1.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Tyler Hicks Description: elfutils - collection of utilities to handle ELF objects libasm-dev - libasm development libraries and header files libasm1 - library with a programmable assembler interface libdw-dev - libdw1 development libraries and header files libdw1 - library that provides access to the DWARF debug information libelf-dev - libelf1 development libraries and header files libelf1 - library to read and write ELF files Changes: elfutils (0.165-3ubuntu1.1) xenial-security; urgency=medium . * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading an ELF file for sanity checks. Based on upstream patch. - CVE-2016-10254 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2016-10255.patch: Sanity check offset and size before trying to malloc and read data. Based on upstream patch. - CVE-2016-10255 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7607.patch: Fix off by one sanity check in handle_gnu_hash. Based on upstream patch. - CVE-2017-7607 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7608.patch: Use the empty string for note names with zero size. Based on upstream patch. - CVE-2017-7608 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2017-7609.patch: Check compression ratio before trying to allocate output buffer. Based on upstream patch. - CVE-2017-7609 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7610.patch: Don't check section group without flags word. Based on upstream patch. - CVE-2017-7610 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7611.patch: Check symbol table data is big enough before checking. Based on upstream patch. - CVE-2017-7611 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking hash sections. Based on upstream patch. - CVE-2017-7612 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and shdrs available. Based on upstream patch. - CVE-2017-7613 Checksums-Sha1: 1595955d26faf04c1e027dc8fbbedc7dc2cc53b2 664928 elfutils-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 8f018dea711c64b9e22485fdd98ee6445ae392a5 278054 elfutils_0.165-3ubuntu1.1_ppc64el.deb 9a1c063f8c6f467818fa1bbc2a33d0010cc407f4 563645 elfutils_0.165-3ubuntu1.1_ppc64el_translations.tar.gz 23cc107da7111637e430850dd923df2cc072f519 17480 libasm-dev_0.165-3ubuntu1.1_ppc64el.deb 533469b49f413a341496cb4ec5a13d468b835896 45784 libasm1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb ef87265313a2f6fa577ad0ed1f8b362cb8be0f01 15692 libasm1_0.165-3ubuntu1.1_ppc64el.deb 7bd587687a9599ecfed7909bed957aa244158d52 156986 libdw-dev_0.165-3ubuntu1.1_ppc64el.deb 5195005ffc64834ee8e5a4e85db6965d3a6b62d8 633638 libdw1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 92eb7e4ba628f0347e352a9e96307b60dffbe63a 184942 libdw1_0.165-3ubuntu1.1_ppc64el.deb d8a29cd31849b888b3038d689247630076d3d65d 55166 libelf-dev_0.165-3ubuntu1.1_ppc64el.deb 8c453b55319e39f143997881bb4d511ce59adf43 130190 libelf1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 1a2d00d8829a9dd64a83ad7f11fe21253a7c928f 41858 libelf1_0.165-3ubuntu1.1_ppc64el.deb Checksums-Sha256: 7436e9c4add9ba3d080f6e2aef4a24965e064a3fbfd4f25f5ac11cc4b1f59796 664928 elfutils-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 1b0e662974b5b02b7cfc84fd0c72ede0033aee21f02056d68eb551f4d07436e2 278054 elfutils_0.165-3ubuntu1.1_ppc64el.deb b28edeab670e3f0f60a404afa7291180f53e033e3a6da7879388f77f9ab5c5c5 563645 elfutils_0.165-3ubuntu1.1_ppc64el_translations.tar.gz 388c2b98777db3be4fb3cae44f0d7b5c85aec224849bfd3fe2fcbf8b30cb4abd 17480 libasm-dev_0.165-3ubuntu1.1_ppc64el.deb 47b7ebe2eca0e6921a6b88b008ec97290f4295aa633f6d86a13c408edd4ce8cd 45784 libasm1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 2dfc959bdfa66c5849f936a2bebbfacb146141ad808337e5c96e5ee1deffacca 15692 libasm1_0.165-3ubuntu1.1_ppc64el.deb f1deef239ddb9fa88e4aefec7212aa4b4f3eb928db75aad87409e7f8b8175d2f 156986 libdw-dev_0.165-3ubuntu1.1_ppc64el.deb 49459feb48e02bbba1a724158d7ca04092b297e346aeb5e74a2b22f913cbdf0a 633638 libdw1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 7cb9bd388345ef666ca7aac387f514c2264f2f5559d2e65e0cf1d3bb7e4daf74 184942 libdw1_0.165-3ubuntu1.1_ppc64el.deb 741ad121dff80fe8ef67856c5590fde5f88a76da8b49a5d1d4bc663fef481be2 55166 libelf-dev_0.165-3ubuntu1.1_ppc64el.deb a40c041ab7d6727ab212e70d2fe8a02b69eb5a68f118c38fc7c49369f05da3b0 130190 libelf1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 5d7743908e80633332fe9824148ae0f803d2482175cbb15c203c479dfee92b41 41858 libelf1_0.165-3ubuntu1.1_ppc64el.deb Files: 4f1d86895a7181229e7f61ba04f86dc1 664928 utils extra elfutils-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb d9aae0223542784a4c9c3d38bce8cfd0 278054 utils optional elfutils_0.165-3ubuntu1.1_ppc64el.deb fda9581ea314be218a2a69dd6a978476 563645 raw-translations - elfutils_0.165-3ubuntu1.1_ppc64el_translations.tar.gz c51f5f1cc1aeadb33f1faa87d85fcf0d 17480 libdevel optional libasm-dev_0.165-3ubuntu1.1_ppc64el.deb 3e39055c1104176e0a39dbd487ad10f3 45784 libs extra libasm1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb cb9f09395c006e5be4a631d40cb03933 15692 libs optional libasm1_0.165-3ubuntu1.1_ppc64el.deb d49c933904c884b30e6073bb33b5bf9e 156986 libdevel optional libdw-dev_0.165-3ubuntu1.1_ppc64el.deb 387b609a10772667fd93f058fc167ed0 633638 libs extra libdw1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb cbf97fd22db62d1fa2916f73a1aa6117 184942 libs optional libdw1_0.165-3ubuntu1.1_ppc64el.deb 6ee48f575163bc65349f8a1781e1f2ea 55166 libdevel optional libelf-dev_0.165-3ubuntu1.1_ppc64el.deb 8f041870a9b49cac804a853cc626d8ef 130190 libs extra libelf1-dbgsym_0.165-3ubuntu1.1_ppc64el.ddeb 0bde481b5bf956250f5c298b5dff5060 41858 libs optional libelf1_0.165-3ubuntu1.1_ppc64el.deb Original-Maintainer: Kurt Roeckx