Format: 1.8
Date: Fri, 07 Jun 2019 11:31:15 -0400
Source: elfutils
Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev
Architecture: armhf armhf_translations
Version: 0.170-0.4ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-059.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 elfutils   - collection of utilities to handle ELF objects
 libasm-dev - libasm development libraries and header files
 libasm1    - library with a programmable assembler interface
 libdw-dev  - libdw1 development libraries and header files
 libdw1     - library that provides access to the DWARF debug information
 libelf-dev - libelf1 development libraries and header files
 libelf1    - library to read and write ELF files
Changes:
 elfutils (0.170-0.4ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: DoS via a crafted file
     - debian/patches/CVE-2018-16062.patch: make sure there is enough data
       to read full aranges header in libdw/dwarf_getaranges.c,
       src/readelf.c.
     - CVE-2018-16062
   * SECURITY UPDATE: double free and application crash
     - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu
       is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c,
       libelf/libelf.h.
     - CVE-2018-16402
   * SECURITY UPDATE: incorrect end of the attributes list check
     - debian/patches/CVE-2018-16403.patch: check end of attributes list
       consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c.
     - CVE-2018-16403
   * SECURITY UPDATE: invalid memory address dereference
     - debian/patches/CVE-2018-18310.patch: sanity check partial core file
       data reads in libdwfl/dwfl_segment_report_module.c.
     - CVE-2018-18310
   * SECURITY UPDATE: invalid memory address dereference
     - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in
       src/size.c.
     - CVE-2018-18520
   * SECURITY UPDATE: divide by zero vulnerabilties
     - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero
       in src/arlib.c.
     - CVE-2018-18521
   * SECURITY UPDATE: heap-based buffer over-read
     - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in
       dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c,
       src/readelf.c.
     - CVE-2019-7149
   * SECURITY UPDATE: incorrect truncated dyn data read handling
     - debian/patches/CVE-2019-7150.patch: sanity check partial core file
       dyn data read in libdwfl/dwfl_segment_report_module.c.
     - CVE-2019-7150
   * SECURITY UPDATE: heap-based buffer over-read
     - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
       contain a zero terminated string in libdwfl/linux-core-attach.c,
       libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
     - CVE-2019-7665
Checksums-Sha1:
 b713aa662c2a396e47b0a64a4593c706088f970c 762664 elfutils-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 6f1166269cf89e140d5d23c3074860cae9e81ab2 8355 elfutils_0.170-0.4ubuntu0.1_armhf.buildinfo
 581c20076affefd385d812a62c91b2dc0766b2cd 232080 elfutils_0.170-0.4ubuntu0.1_armhf.deb
 b7f355ed63028ab6aec644b00042e4e69c0bf45f 525853 elfutils_0.170-0.4ubuntu0.1_armhf_translations.tar.gz
 58ef8900c2d03304a43c0034e9315b012009fbd0 15608 libasm-dev_0.170-0.4ubuntu0.1_armhf.deb
 1f67e2fc5b8588013628371f88bff183ad2c3b1e 59848 libasm1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 55a07a1b237eb02d3b3fda3cc5f9b654ba552743 12684 libasm1_0.170-0.4ubuntu0.1_armhf.deb
 b794d691c327a3567e3c56b74322ff9dd249fb03 177788 libdw-dev_0.170-0.4ubuntu0.1_armhf.deb
 0d4a30e63d1972ca5bae999c7932bfe96c89ce8f 1141968 libdw1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 a0ade172f5a4c0e8e90d24871379ec055bd5a39a 189672 libdw1_0.170-0.4ubuntu0.1_armhf.deb
 a1433afd1ec3b3d34c443b5eb177434d7ba2e5ca 55780 libelf-dev_0.170-0.4ubuntu0.1_armhf.deb
 db027326dcb6448d8934bb83cbff0070632884d9 250232 libelf1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 324d5e58183fa4bb10e3a2bfb3c55a8e2c92c224 42860 libelf1_0.170-0.4ubuntu0.1_armhf.deb
Checksums-Sha256:
 6c18771fd464b76deb40575c7da396e4be24b22df0e6750143eeb3326308f747 762664 elfutils-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 2e4123ee74281b1e9622901340960674aa6d9ae8dcaac8f9bff7db81e38a62f7 8355 elfutils_0.170-0.4ubuntu0.1_armhf.buildinfo
 7068976601cc2a033cbb8f4ef51b8ed987cf4ab0f188ab471eaa05da9ad424d7 232080 elfutils_0.170-0.4ubuntu0.1_armhf.deb
 f8a9ae8e07a3b1f8140e2eb247c1746c68da21a91d1776605016e20bc26d5aaa 525853 elfutils_0.170-0.4ubuntu0.1_armhf_translations.tar.gz
 74f7435ddc52de761122385aaaab8ee1d813fde053ca6e5cf7f205960a9b72e3 15608 libasm-dev_0.170-0.4ubuntu0.1_armhf.deb
 a31e0b4059f0dfb0208ea681d887522677aa5f964c00ea32a9fa32b477b121bd 59848 libasm1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 a07d5b5b1383766232816f2e6fd680e60ccb7cc13d0dd3fa9c7e43e0692e1f68 12684 libasm1_0.170-0.4ubuntu0.1_armhf.deb
 ebd501c3b0633c1f38f0c431f2c4da4b6ca1eb31d32fb917aa513581d9fcbec6 177788 libdw-dev_0.170-0.4ubuntu0.1_armhf.deb
 7ea7ee19e798ecd3ba2bb9ed41a4a62d7db97da0b961a5b6735cdf6f18fe92ff 1141968 libdw1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 2f3e1fcc4162a138b76abd774446646ba88193fad11b90340423f2a70e5ccd22 189672 libdw1_0.170-0.4ubuntu0.1_armhf.deb
 76473b508bb88d17ea53157dd2dfd7beaa1c8811eb0f8462c80467becf963cf7 55780 libelf-dev_0.170-0.4ubuntu0.1_armhf.deb
 0dfd29aec0612184748d8fecc340fe1fe73556ae94007324adc6eed55fbdb18b 250232 libelf1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 db960246f53cddbdf943fa2d3b634fbc11f9228fb0a597a4b1979fb037ef01d8 42860 libelf1_0.170-0.4ubuntu0.1_armhf.deb
Files:
 b36fd23bb1164690b570f65638db9c44 762664 debug optional elfutils-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 2f8cea9d9585ab66499107fb0184873c 8355 libs optional elfutils_0.170-0.4ubuntu0.1_armhf.buildinfo
 f4387140984fd6b0695ca3d33ec1e372 232080 utils optional elfutils_0.170-0.4ubuntu0.1_armhf.deb
 540b474fbd8fc76284f508defc85f6f8 525853 raw-translations - elfutils_0.170-0.4ubuntu0.1_armhf_translations.tar.gz
 8cf9063612de0dc658d7fe2a0b1041e9 15608 libdevel optional libasm-dev_0.170-0.4ubuntu0.1_armhf.deb
 34ab4fb296998e989150d88d017f8a98 59848 debug optional libasm1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 da8b98b8aeb74e16467d9dea71a1c13a 12684 libs optional libasm1_0.170-0.4ubuntu0.1_armhf.deb
 5a28c4e36be4d09050cf6f65ef29be01 177788 libdevel optional libdw-dev_0.170-0.4ubuntu0.1_armhf.deb
 a905ae956b18b23f5df50f35e6d1a34f 1141968 debug optional libdw1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 c9027e1f8602d81fda5f5164d22aed0e 189672 libs optional libdw1_0.170-0.4ubuntu0.1_armhf.deb
 ab069844cdb084272b14f74e63c3c72d 55780 libdevel optional libelf-dev_0.170-0.4ubuntu0.1_armhf.deb
 61ad91b25f8b23ac8ce0f3770cd2742d 250232 debug optional libelf1-dbgsym_0.170-0.4ubuntu0.1_armhf.ddeb
 b3bb006311aac2f2f16a619ded90ac24 42860 libs optional libelf1_0.170-0.4ubuntu0.1_armhf.deb
Original-Maintainer: Kurt Roeckx <kurt@roeckx.be>