Format: 1.8 Date: Fri, 09 Jun 2017 10:41:47 -0400 Source: gdb Binary: gdb gdb64 gdb-multiarch gdbserver gdb-source gdb-dbg gdb-doc Architecture: i386 i386_translations Version: 7.11.1-0ubuntu1~16.5 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gdb - GNU Debugger gdb-dbg - GNU Debugger (debug package) gdb-doc - The GNU Debugger Documentation gdb-multiarch - GNU Debugger (with support for multiple architectures) gdb-source - GNU Debugger (source) gdb64 - GNU Debugger (64-bit) gdbserver - GNU Debugger (remote server) Changes: gdb (7.11.1-0ubuntu1~16.5) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in string_appends - debian/patches/CVE-2016-2226.patch: check for overflow in libiberty/cplus-dem.c, added xmalloc_failed to gdb/common/common-utils.c. - CVE-2016-2226 * SECURITY UPDATE: use-after-free vulberabilities - debian/patches/CVE-2016-4487_4488.patch: set bsize and ksize in libiberty/cplus-dem.c, added test to libiberty/testsuite/demangle-expected. - CVE-2016-4487 - CVE-2016-4488 * SECURITY UPDATE: integer overflow in gnu_special - debian/patches/CVE-2016-4489.patch: handle case where consume_count returns -1 in libiberty/cplus-dem.c. - CVE-2016-4489 * SECURITY UPDATE: integer overflow after sanity checks - debian/patches/CVE-2016-4490.patch: parse numbers as integer instead of long in libiberty/cp-demangle.c, added test to libiberty/testsuite/demangle-expected. - CVE-2016-4490 * SECURITY UPDATE: denial of service via infinite recursion - debian/patches/CVE-2016-4491-1.patch: limit recursion in include/demangle.h, libiberty/cp-demangle.c, libiberty/cp-demint.c, added test to libiberty/testsuite/demangle-expected. - debian/patches/CVE-2016-4491-2.patch: limit more recursion in libiberty/cp-demangle.c. - debian/patches/CVE-2016-4491-3.patch: initialize d_printing in gdb/cp-name-parser.y, libiberty/cp-demangle.c. - CVE-2016-4491 * SECURITY UPDATE: buffer overflow in do_type - debian/patches/CVE-2016-4492_4493.patch: properly handle large values and overflow in libiberty/cplus-dem.c, added test to libiberty/testsuite/demangle-expected. - CVE-2016-4492 - CVE-2016-4493 * SECURITY UPDATE: denial of service via infinite recursion - debian/patches/CVE-2016-6131.patch: prevent infinite recursion in libiberty/cplus-dem.c, added test to libiberty/testsuite/demangle-expected. - CVE-2016-6131 Checksums-Sha1: abbed966915c386ed40103e3811d0f2e4b90ec5d 10235886 gdb-dbg_7.11.1-0ubuntu1~16.5_i386.deb 9b04fbce616082d647937510fe2e9201195555e6 1012 gdb-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 328fe0d008ba9bb1164fa55c0fc7204191ed39f5 1054 gdb-multiarch-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 68affb1dde68044fb22844544f1ccec1bfd99d94 3282792 gdb-multiarch_7.11.1-0ubuntu1~16.5_i386.deb b20cd5cc757779ea54f1102b9a787ce964b6b576 1052 gdb64-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb b09393c9c63a2cf1cddf7f9bd34fe967e4d3e44d 1836640 gdb64_7.11.1-0ubuntu1~16.5_i386.deb 684ad35c34ab9d3126d9504a206172a6b906dcb6 2569894 gdb_7.11.1-0ubuntu1~16.5_i386.deb c5fe0d07a83b9075ae85332b156b401b980892f4 877906 gdb_7.11.1-0ubuntu1~16.5_i386_translations.tar.gz 611c4a0764147822fa0847f64381fbf822b351b7 1058 gdbserver-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb d83b6162db1279bc2497ce0e04aa5e200cfa209b 184042 gdbserver_7.11.1-0ubuntu1~16.5_i386.deb Checksums-Sha256: 9d88a42f56c32e42846e70f61026eef1f9180963f44e9e86431fb405a2b85ccd 10235886 gdb-dbg_7.11.1-0ubuntu1~16.5_i386.deb 33501dab124e5b61622934afa47f2d651dcd652519edf793ba529e7096057fe7 1012 gdb-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 81ac15bda50e891ce90ea67e22904cafb045dc299081723e38a4fe81da13eed1 1054 gdb-multiarch-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb d6356ae1b305a505511e94b081007a76912f663bfe65c250958c9250feaaff2e 3282792 gdb-multiarch_7.11.1-0ubuntu1~16.5_i386.deb 044a847709cc7cedc5b27f9ad68ee20effacbaf1c2c1e1de21d24f08a96e81f3 1052 gdb64-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 2e0e6ae3f948c825fcc67466727a4443a364def47846a2185616719ded9e0c6d 1836640 gdb64_7.11.1-0ubuntu1~16.5_i386.deb 40ddf0fc17a128cb3fdf3252e74ab50239f0ca66d1ea8b185cec8c7e7cd21186 2569894 gdb_7.11.1-0ubuntu1~16.5_i386.deb 2a6bf8e3df66478f1c7f23808044ab91bb848b03b97f8f241c2782067192fec8 877906 gdb_7.11.1-0ubuntu1~16.5_i386_translations.tar.gz 4e5fa7b514418f3878ebfebd04fee2c7a9e8f7ba0d932fa82984b323bd6aae7d 1058 gdbserver-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb daa0eab892fbfeb1b6adf1205f84af3b433e3598b76b7419856f51f247ffd2bc 184042 gdbserver_7.11.1-0ubuntu1~16.5_i386.deb Files: 915c67cbd4982334e8990902d0e1581e 10235886 debug extra gdb-dbg_7.11.1-0ubuntu1~16.5_i386.deb ded7b78081e723aa44e17d30d7d31b08 1012 devel extra gdb-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 5a24de9800313638e7bfa25da6ac2559 1054 devel extra gdb-multiarch-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 02977c47ee30ce05584d5666a2267d46 3282792 devel optional gdb-multiarch_7.11.1-0ubuntu1~16.5_i386.deb 35edd10703c3019670563d2b311a076a 1052 devel extra gdb64-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 50646349c6c9e2327f15480d8f168979 1836640 devel optional gdb64_7.11.1-0ubuntu1~16.5_i386.deb bc73b986987da59edc3ef718453c0746 2569894 devel optional gdb_7.11.1-0ubuntu1~16.5_i386.deb 51af67ad795500c826e3d74bc4e2e518 877906 raw-translations - gdb_7.11.1-0ubuntu1~16.5_i386_translations.tar.gz 9a48de4c76e615989d6b697ee583fe35 1058 devel extra gdbserver-dbgsym_7.11.1-0ubuntu1~16.5_i386.ddeb 2417dfa2377887ff29ee0ef80a998e89 184042 devel optional gdbserver_7.11.1-0ubuntu1~16.5_i386.deb Original-Maintainer: Héctor Orón Martínez