Format: 1.8 Date: Mon, 09 Feb 2015 02:27:20 -0800 Source: binutils Binary: binutils binutils-dev binutils-multiarch binutils-gold binutils-static binutils-static-udeb binutils-hppa64 binutils-spu binutils-doc binutils-source Architecture: armel armel_translations Version: 2.20.1-3ubuntu7.2 Distribution: lucid Urgency: medium Maintainer: Ubuntu/armhf Build Daemon Changed-By: Steve Beattie Description: binutils - The GNU assembler, linker and binary utilities binutils-dev - The GNU binary utilities (BFD development files) binutils-doc - Documentation for the GNU assembler, linker and binary utilities binutils-gold - The (experimental) GNU gold linker utility binutils-hppa64 - The GNU assembler, linker and binary utilities targeted for hppa6 binutils-multiarch - Binary utilities that support multi-arch targets binutils-source - The GNU assembler, linker and binary utilities (source) binutils-spu - The GNU assembler, linker and binary utilities targeted for spu-e binutils-static - statically linked binutils tools binutils-static-udeb - statically linked binutils tools for for the Debian installer Changes: binutils (2.20.1-3ubuntu7.2) lucid-security; urgency=medium . * SECURITY UPDATE: integer overflow in objalloc_alloc - debian/patches/300-CVE-2012-3509.dpatch: Add overflow check covering alignment and CHUNK_HEADER_SIZE addition. - CVE-2012-3509 * SECURITY UPDATE: out-of-bounds read in srec_scan of bfd/srec.c - debian/patches/301-CVE-2014-8484.dpatch: report an error for S-records with less than the miniumum size - CVE-2014-8484 * SECURITY UPDATE: incorrect memory handling around corrupt group section headers - debian/patches/302-CVE-2014-8485.dpatch: Improve handling of corrupt group sections - CVE-2014-8485 * SECURITY UPDATE: out-of-bounds write in _bfd_XXi_swap_aouthdr_in - debian/patches/303-CVE-2014-8501.dpatch: Handle corrupt binaries with an invalid value for NumberOfRvaAndSizes. - CVE-2014-8501 * SECURITY UPDATE: pe_print_edata buffer overflow - debian/patches/304-CVE-2014-8502.dpatch: Detect out of range and truncated rvas or entry counts - CVE-2014-8502 * SECURITY UPDATE: ihex_scan buffer overflow - debian/patches/305-CVE-2014-8503.dpatch: Fix typo in invocation of ihex_bad_byte. - CVE-2014-8503 * SECURITY UPDATE: srec_scan buffer overflow - debian/patches/306-CVE-2014-8504.dpatch: Increase size of buf - CVE-2014-8504 * SECURITY UPDATE: directory traversal vulnerabilities - debian/patches/307-CVE-2014-8737.dpatch: disallow paths that include ../ - CVE-2014-8737 * SECURITY UPDATE: _bfd_slurp_extended_name_table out-of-bounds write - debian/patches/308-CVE-2014-8738.dpatch: Handle archives with corrupt extended name tables. - CVE-2014-8738 * SECURITY UPDATE: multiple miscellaneous overflows and out-of-bounds reads and writes - debian/patches/309-bz17512-misc.dpatch: fix invalid memory accesses. * Security hardening: don't use libbfd by default in strings(1) - debian/patches/310-harden_strings.dpatch: Add new command line option --data to only scan the initialized, loadable data sections of binaries, using libbfd; make --all the default. Checksums-Sha1: 58152f3287e66cfe427284b6cc99afc803ec0f9c 1475080 binutils_2.20.1-3ubuntu7.2_armel.deb 8f70bdefa6c3b0cedf0baea224a0d702632b23b9 2712848 binutils-dev_2.20.1-3ubuntu7.2_armel.deb 5389cb84748a08575e7c4ad218bf919fd26b4dc8 1992990 binutils-multiarch_2.20.1-3ubuntu7.2_armel.deb ec173b99cbbc5d386e54c128d72bcbe43d6024ae 642328 binutils-static_2.20.1-3ubuntu7.2_armel.deb 92cb8aa852a723fb2fd9e99d8bd490c93e5564a9 603752 binutils-static-udeb_2.20.1-3ubuntu7.2_armel.udeb b542f6574473899bf9f7c3d5c23c4d53b790bb42 617054 binutils-gold_2.20.1-3ubuntu7.2_armel.deb 83544c05543a03289689a1a037f3157d44f45622 3617312 binutils_2.20.1-3ubuntu7.2_armel_translations.tar.gz Checksums-Sha256: acba2606726ba075a64dba376a944ed632295b2507df82dbd3c7f8fb5eba9685 1475080 binutils_2.20.1-3ubuntu7.2_armel.deb 2fd7f699d1bb3fa830ae541635aa4387ad835ca1f82cbb98b12a5c90c81a5b3c 2712848 binutils-dev_2.20.1-3ubuntu7.2_armel.deb 9975d7eff1edd6460608008665dff469c8c18164435d53db811b45a820ff431f 1992990 binutils-multiarch_2.20.1-3ubuntu7.2_armel.deb 6a0dde97f0ffe856bad2b66872aec8a1378cc19e92604280859807c0cdda45ed 642328 binutils-static_2.20.1-3ubuntu7.2_armel.deb 45e92321817c0250db57d69aef819dd28bb7a7c96085871f277b006b1b9f560d 603752 binutils-static-udeb_2.20.1-3ubuntu7.2_armel.udeb 9b5dbb2078145ff439c802c44c8ba2bd5b13c6a58cf7e81d549d79f63f005729 617054 binutils-gold_2.20.1-3ubuntu7.2_armel.deb 666ada191da35d93d3151776336dbf49db5e2ac31b6bbc91d78a1a9dd080f7ad 3617312 binutils_2.20.1-3ubuntu7.2_armel_translations.tar.gz Files: 8d2e4693f452463c3891a65d39e2b7df 1475080 devel optional binutils_2.20.1-3ubuntu7.2_armel.deb efdd0fbc4190ab726ebc40088a23d411 2712848 devel extra binutils-dev_2.20.1-3ubuntu7.2_armel.deb 72e07cbe07045750d2a158479cddaf85 1992990 devel extra binutils-multiarch_2.20.1-3ubuntu7.2_armel.deb a1258994b41b126a4c7a2ccefd93a220 642328 devel optional binutils-static_2.20.1-3ubuntu7.2_armel.deb 2d9d8f9bc9866a3a8543603cbec9df9b 603752 debian-installer optional binutils-static-udeb_2.20.1-3ubuntu7.2_armel.udeb 609b02012b2a11695733dab8ad54a2e7 617054 devel extra binutils-gold_2.20.1-3ubuntu7.2_armel.deb bcc05dd05597e1961f671e22e325d84b 3617312 raw-translations - binutils_2.20.1-3ubuntu7.2_armel_translations.tar.gz Original-Maintainer: Matthias Klose