Publishing details

• Removed from disk on 2018-06-05.
• Removal requested on 2018-06-05.
• Deleted on 2018-06-05 by Marc Deslauriers
• Published on 2017-05-18

Changelog

elfutils (0.158-0ubuntu5.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading
      an ELF file for sanity checks. Based on upstream patch.
    - CVE-2016-10254
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2016-10255.patch: Sanity check offset and size before
      trying to malloc and read data. Based on upstream patch.
    - CVE-2016-10255
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7607-1.patch: Sanity check hash section contents
      before processing. Based on upstream patch.
    - debian/patches/CVE-2017-7607-2.patch: Fix off by one sanity check in
      handle_gnu_hash. Based on upstream patch.
    - CVE-2017-7607
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7608.patch: Use the empty string for note names
      with zero size. Based on upstream patch.
    - CVE-2017-7608
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7610.patch: Don't check section group without
      flags word. Based on upstream patch.
    - CVE-2017-7610
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7611.patch: Check symbol table data is big
      enough before checking. Based on upstream patch.
    - CVE-2017-7611
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking
      hash sections. Based on upstream patch.
    - CVE-2017-7612
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and
      shdrs available. Based on upstream patch.
    - CVE-2017-7613

 -- Tyler Hicks <email address hidden>  Wed, 17 May 2017 23:27:15 +0000

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el

Package files

• elfutils-dbgsym_0.158-0ubuntu5.3_amd64.ddeb (552.2 KiB)
• elfutils-dbgsym_0.158-0ubuntu5.3_arm64.ddeb (574.9 KiB)
• elfutils-dbgsym_0.158-0ubuntu5.3_armhf.ddeb (559.9 KiB)
• elfutils-dbgsym_0.158-0ubuntu5.3_i386.ddeb (520.3 KiB)
• elfutils-dbgsym_0.158-0ubuntu5.3_powerpc.ddeb (534.8 KiB)
• elfutils-dbgsym_0.158-0ubuntu5.3_ppc64el.ddeb (577.2 KiB)
• elfutils_0.158-0ubuntu5.3.debian.tar.gz (60.7 KiB)
• elfutils_0.158-0ubuntu5.3.dsc (2.2 KiB)
• elfutils_0.158-0ubuntu5.3_amd64.deb (252.7 KiB)
• elfutils_0.158-0ubuntu5.3_arm64.deb (231.4 KiB)
• elfutils_0.158-0ubuntu5.3_armhf.deb (240.6 KiB)
• elfutils_0.158-0ubuntu5.3_i386.deb (255.9 KiB)
• elfutils_0.158-0ubuntu5.3_powerpc.deb (238.7 KiB)
• elfutils_0.158-0ubuntu5.3_ppc64el.deb (234.6 KiB)
• elfutils_0.158.orig.tar.bz2 (4.7 MiB)
• libasm-dev_0.158-0ubuntu5.3_amd64.deb (16.5 KiB)
• libasm-dev_0.158-0ubuntu5.3_arm64.deb (15.7 KiB)
• libasm-dev_0.158-0ubuntu5.3_armhf.deb (15.6 KiB)
• libasm-dev_0.158-0ubuntu5.3_i386.deb (16.5 KiB)
• libasm-dev_0.158-0ubuntu5.3_powerpc.deb (16.3 KiB)
• libasm-dev_0.158-0ubuntu5.3_ppc64el.deb (16.7 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_amd64.ddeb (43.7 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_arm64.ddeb (44.9 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_armhf.ddeb (44.0 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_i386.ddeb (42.0 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_powerpc.ddeb (43.8 KiB)
• libasm1-dbgsym_0.158-0ubuntu5.3_ppc64el.ddeb (44.8 KiB)
• libasm1_0.158-0ubuntu5.3_amd64.deb (14.9 KiB)
• libasm1_0.158-0ubuntu5.3_arm64.deb (12.9 KiB)
• libasm1_0.158-0ubuntu5.3_armhf.deb (14.4 KiB)
• libasm1_0.158-0ubuntu5.3_i386.deb (15.8 KiB)
• libasm1_0.158-0ubuntu5.3_powerpc.deb (15.5 KiB)
• libasm1_0.158-0ubuntu5.3_ppc64el.deb (14.3 KiB)
• libdw-dev_0.158-0ubuntu5.3_amd64.deb (131.5 KiB)
• libdw-dev_0.158-0ubuntu5.3_arm64.deb (118.4 KiB)
• libdw-dev_0.158-0ubuntu5.3_armhf.deb (124.0 KiB)
• libdw-dev_0.158-0ubuntu5.3_i386.deb (142.8 KiB)
• libdw-dev_0.158-0ubuntu5.3_powerpc.deb (136.0 KiB)
• libdw-dev_0.158-0ubuntu5.3_ppc64el.deb (128.5 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_amd64.ddeb (525.3 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_arm64.ddeb (545.4 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_armhf.ddeb (544.3 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_i386.ddeb (521.7 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_powerpc.ddeb (541.8 KiB)
• libdw1-dbgsym_0.158-0ubuntu5.3_ppc64el.ddeb (550.5 KiB)
• libdw1_0.158-0ubuntu5.3_amd64.deb (169.3 KiB)
• libdw1_0.158-0ubuntu5.3_arm64.deb (143.3 KiB)
• libdw1_0.158-0ubuntu5.3_armhf.deb (157.8 KiB)
• libdw1_0.158-0ubuntu5.3_i386.deb (185.1 KiB)
• libdw1_0.158-0ubuntu5.3_powerpc.deb (169.4 KiB)
• libdw1_0.158-0ubuntu5.3_ppc64el.deb (158.4 KiB)
• libelf-dev_0.158-0ubuntu5.3_amd64.deb (46.0 KiB)
• libelf-dev_0.158-0ubuntu5.3_arm64.deb (44.0 KiB)
• libelf-dev_0.158-0ubuntu5.3_armhf.deb (45.7 KiB)
• libelf-dev_0.158-0ubuntu5.3_i386.deb (48.8 KiB)
• libelf-dev_0.158-0ubuntu5.3_powerpc.deb (48.9 KiB)
• libelf-dev_0.158-0ubuntu5.3_ppc64el.deb (47.6 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_amd64.ddeb (111.6 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_arm64.ddeb (117.3 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_armhf.ddeb (116.5 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_i386.ddeb (111.8 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_powerpc.ddeb (113.7 KiB)
• libelf1-dbgsym_0.158-0ubuntu5.3_ppc64el.ddeb (114.2 KiB)
• libelf1_0.158-0ubuntu5.3_amd64.deb (37.4 KiB)
• libelf1_0.158-0ubuntu5.3_arm64.deb (32.8 KiB)
• libelf1_0.158-0ubuntu5.3_armhf.deb (37.3 KiB)
• libelf1_0.158-0ubuntu5.3_i386.deb (41.8 KiB)
• libelf1_0.158-0ubuntu5.3_powerpc.deb (40.5 KiB)
• libelf1_0.158-0ubuntu5.3_ppc64el.deb (36.6 KiB)