Format: 1.8 Date: Fri, 07 Jun 2019 11:31:15 -0400 Source: elfutils Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev Architecture: ppc64el ppc64el_translations Version: 0.170-0.4ubuntu0.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: elfutils - collection of utilities to handle ELF objects libasm-dev - libasm development libraries and header files libasm1 - library with a programmable assembler interface libdw-dev - libdw1 development libraries and header files libdw1 - library that provides access to the DWARF debug information libelf-dev - libelf1 development libraries and header files libelf1 - library to read and write ELF files Changes: elfutils (0.170-0.4ubuntu0.1) bionic-security; urgency=medium . * SECURITY UPDATE: DoS via a crafted file - debian/patches/CVE-2018-16062.patch: make sure there is enough data to read full aranges header in libdw/dwarf_getaranges.c, src/readelf.c. - CVE-2018-16062 * SECURITY UPDATE: double free and application crash - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c, libelf/libelf.h. - CVE-2018-16402 * SECURITY UPDATE: incorrect end of the attributes list check - debian/patches/CVE-2018-16403.patch: check end of attributes list consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c. - CVE-2018-16403 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18310.patch: sanity check partial core file data reads in libdwfl/dwfl_segment_report_module.c. - CVE-2018-18310 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in src/size.c. - CVE-2018-18520 * SECURITY UPDATE: divide by zero vulnerabilties - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero in src/arlib.c. - CVE-2018-18521 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c, src/readelf.c. - CVE-2019-7149 * SECURITY UPDATE: incorrect truncated dyn data read handling - debian/patches/CVE-2019-7150.patch: sanity check partial core file dyn data read in libdwfl/dwfl_segment_report_module.c. - CVE-2019-7150 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes contain a zero terminated string in libdwfl/linux-core-attach.c, libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c. - CVE-2019-7665 Checksums-Sha1: efdced5262c8fffd6338db73939692a7b6e507b2 801924 elfutils-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 3cfe4d7575617389aa9a0c64839774b920c0d4fb 8503 elfutils_0.170-0.4ubuntu0.1_ppc64el.buildinfo 419e174cbb418269bfced62e499057b268e169c4 240520 elfutils_0.170-0.4ubuntu0.1_ppc64el.deb e89b02ca6ea454b7cd57cec822fae3d7c11b3f08 525186 elfutils_0.170-0.4ubuntu0.1_ppc64el_translations.tar.gz d714810f531a09e13e52198b077b5e23b99da026 18108 libasm-dev_0.170-0.4ubuntu0.1_ppc64el.deb 36b7aaaba2423d1ede4562d97bc1c02e8c3db39c 62212 libasm1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 4a05092c437b2b1b80b6826c3fb1ddf065be52e6 14784 libasm1_0.170-0.4ubuntu0.1_ppc64el.deb cdc6e021c75d155f66d4c6491ba91a97849e279d 186812 libdw-dev_0.170-0.4ubuntu0.1_ppc64el.deb e597bd213a44713000bfcdb98b94b4a3b48e4c8b 1190164 libdw1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb ed308c578af8e3a3422863558139275caf71f25e 203480 libdw1_0.170-0.4ubuntu0.1_ppc64el.deb f2aa0f855c4426b6698e285a31345c91a43220d8 61404 libelf-dev_0.170-0.4ubuntu0.1_ppc64el.deb dc1f043288286f39222770ae5f3bc6ea7d399d6b 258260 libelf1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 8e0c113d2fdf7028443b68436b90130d137a244b 47176 libelf1_0.170-0.4ubuntu0.1_ppc64el.deb Checksums-Sha256: 2781c333aaca6e172116bda33b7b14fcdd257cc39165a88a4dddc95b2811be59 801924 elfutils-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb b412a409d610fa8a584010434392c1cbd12b55fec5bf477903290d554fd2a1e3 8503 elfutils_0.170-0.4ubuntu0.1_ppc64el.buildinfo db28aceedf567fb4d0f6a1e80ac738d47620fd7ac78e62d7b546a9aa41dc98f9 240520 elfutils_0.170-0.4ubuntu0.1_ppc64el.deb 579d70c9b917ea9e01d1d0712664804a7078571127045a7b54e39dbe39e75796 525186 elfutils_0.170-0.4ubuntu0.1_ppc64el_translations.tar.gz fbeb0c48db3ff4b8e9176890386484bf27a759491dde18bbd74e86793d44a664 18108 libasm-dev_0.170-0.4ubuntu0.1_ppc64el.deb 8cfe47157431b482c6e1ac43b2536295c4ac910df07fe204b7cba119bd106b7f 62212 libasm1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb a8e9a54d28430cc8172d3deb01f2125a792394052c81bd2f97001d65d1a2c007 14784 libasm1_0.170-0.4ubuntu0.1_ppc64el.deb c86e8b9c35f0c1349c6768cd83626f94b13e55d934e2d5ec4418f7605bd331b3 186812 libdw-dev_0.170-0.4ubuntu0.1_ppc64el.deb 4969b5e605bce1e3043c6252af051212c7300a4cb1a844b6c58b18a2aa02f3c4 1190164 libdw1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 797343f5e806786f3d66e6d8ef11a5118d76d13de10d9b778883af4ddb0eb13c 203480 libdw1_0.170-0.4ubuntu0.1_ppc64el.deb 1160b8d9daec4ade7650c8744271078a86d8ffff83cef1d661bf77c37d2a9507 61404 libelf-dev_0.170-0.4ubuntu0.1_ppc64el.deb 07746cd8dc5cd75922e297e6e93b05832282b52678792a8480ba43357780872f 258260 libelf1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 9485b90bba12da15b28b522c6ae0f1beb96c808933c00e78cefa4f777570a3e2 47176 libelf1_0.170-0.4ubuntu0.1_ppc64el.deb Files: 8e3dbcbcf7f20214207a9e4c9d960b08 801924 debug optional elfutils-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 590124b435e1f84a67a816c07d0aabc8 8503 libs optional elfutils_0.170-0.4ubuntu0.1_ppc64el.buildinfo 5613ff8ff213a125c5a5171344fc083e 240520 utils optional elfutils_0.170-0.4ubuntu0.1_ppc64el.deb 66b730ea9afdf39412749459b511ab5c 525186 raw-translations - elfutils_0.170-0.4ubuntu0.1_ppc64el_translations.tar.gz 2c995f30ae8085b6dcae0347b1a812fa 18108 libdevel optional libasm-dev_0.170-0.4ubuntu0.1_ppc64el.deb 95b5ba0a69b3498f9fa0ba47b057c7d4 62212 debug optional libasm1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb cd31cc7f5151153bb9e326d362d749d8 14784 libs optional libasm1_0.170-0.4ubuntu0.1_ppc64el.deb 2ac341d98297511d9f42767e46149db3 186812 libdevel optional libdw-dev_0.170-0.4ubuntu0.1_ppc64el.deb d39b3df35d8052414e6f146bb16fe327 1190164 debug optional libdw1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb c33501bd76bf601147bcd85a8deff199 203480 libs optional libdw1_0.170-0.4ubuntu0.1_ppc64el.deb 1b081e63dda7b416b8218bcdc75d896e 61404 libdevel optional libelf-dev_0.170-0.4ubuntu0.1_ppc64el.deb fc6e09b952dc2e19db3b9fd608e9c6ad 258260 debug optional libelf1-dbgsym_0.170-0.4ubuntu0.1_ppc64el.ddeb 7494c6f69b97e9b534937ad053805d0b 47176 libs optional libelf1_0.170-0.4ubuntu0.1_ppc64el.deb Original-Maintainer: Kurt Roeckx