You are here
Home > Preporuke > Ranjivosti programskog paketa cross-binutils

Ranjivosti programskog paketa cross-binutils

——————————————————————————–
Fedora Update Notification
FEDORA-2015-0471
2015-01-09 11:07:06
——————————————————————————–

Name : cross-binutils
Product : Fedora 20
Version : 2.25
Release : 3.fc20
URL : http://sources.redhat.com/binutils
Summary : A GNU collection of cross-compilation binary utilities
Description :
Binutils is a collection of binary utilities, including ar (for
creating, modifying and extracting from archives), as (a family of GNU
assemblers), gprof (for displaying call graph profile data), ld (the
GNU linker), nm (for listing symbols from object files), objcopy (for
copying and translating object files), objdump (for displaying
information from object files), ranlib (for generating an index for
the contents of an archive), readelf (for displaying detailed
information about binary files), size (for listing the section sizes
of an object or archive file), strings (for listing printable strings
from files), strip (for discarding symbols), and addr2line (for
converting addresses to file and line).

——————————————————————————–
Update Information:

Upgrade to binutils-2.25 thus fixing a number of security bugs
——————————————————————————–
ChangeLog:

* Wed Jan 7 2015 David Howells <dhowells@redhat.com> – 2.25-2
– Fix up the target for SH64 and cease mixing 32-bit SH targets with SH64.
– SH64: Work around flags not getting set on incremental link of .a into .o [binutils bz 17288].
* Mon Jan 5 2015 David Howells <dhowells@redhat.com> – 2.25-1
– Sync with binutils-2.25 to pick up fixes.
Resolves: BZ #1162577, #1162601, #1162611, #1162625
* Thu Nov 13 2014 David Howells <dhowells@redhat.com> – 2.24-7
– Fix problems with the ar program reported in FSF PR 17533.
Resolves: BZ #1162672, #1162659
* Wed Nov 12 2014 David Howells <dhowells@redhat.com> – 2.24-6
– Sync with binutils to pick up fixes.
– Backport binutils 2.4 upstream branch to pick up more fixes.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 2.24-6
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jul 18 2014 David Howells <dhowells@redhat.com> – 2.24-5
– Add NIOS2 arch support.
* Mon Jun 16 2014 David Howells <dhowells@redhat.com> – 2.24-4
– Fix gcc-4.9 new compile error in m68k handler in gas.
* Wed Jun 11 2014 David Howells <dhowells@redhat.com> – 2.24-4
– Sync with binutils-2.24-15 fixing the bfd_set_section_alignment() error [BZ 1106093]
– Apply the changes on binutils-2_24-branch in git to cab6c3ee9785f072a373afe31253df0451db93cf.
* Fri Mar 28 2014 David Howells <dhowells@redhat.com> – 2.24-2
– A sysroot of / is bad, so make it /usr/<program-prefix>/sys-root/.
* Thu Mar 27 2014 David Howells <dhowells@redhat.com> – 2.24-1
– Fix formatless sprintfs in Score.
* Wed Mar 26 2014 David Howells <dhowells@redhat.com> – 2.24-1
– Update to binutils-2.24-1.
– Add metag arch support.
——————————————————————————–
References:

[ 1 ] Bug #1162577 – CVE-2014-8501 cross-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162577
[ 2 ] Bug #1162601 – CVE-2014-8502 cross-binutils: binutils: heap overflow in objdump [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162601
[ 3 ] Bug #1162611 – CVE-2014-8503 cross-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162611
[ 4 ] Bug #1162625 – CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162625
[ 5 ] Bug #1162659 – cross-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162659
[ 6 ] Bug #1162672 – cross-binutils: binutils: out of bounds memory write [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162672
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update cross-binutils’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-0461
2015-01-09 11:06:44
——————————————————————————–

Name : cross-binutils
Product : Fedora 21
Version : 2.25
Release : 3.fc21
URL : http://sources.redhat.com/binutils
Summary : A GNU collection of cross-compilation binary utilities
Description :
Binutils is a collection of binary utilities, including ar (for
creating, modifying and extracting from archives), as (a family of GNU
assemblers), gprof (for displaying call graph profile data), ld (the
GNU linker), nm (for listing symbols from object files), objcopy (for
copying and translating object files), objdump (for displaying
information from object files), ranlib (for generating an index for
the contents of an archive), readelf (for displaying detailed
information about binary files), size (for listing the section sizes
of an object or archive file), strings (for listing printable strings
from files), strip (for discarding symbols), and addr2line (for
converting addresses to file and line).

——————————————————————————–
Update Information:

Upgrade to binutils-2.25 thus fixing a number of security bugs
——————————————————————————–
ChangeLog:

* Wed Jan 7 2015 David Howells <dhowells@redhat.com> – 2.25-2
– Fix up the target for SH64 and cease mixing 32-bit SH targets with SH64.
– SH64: Work around flags not getting set on incremental link of .a into .o [binutils bz 17288].
* Mon Jan 5 2015 David Howells <dhowells@redhat.com> – 2.25-1
– Sync with binutils-2.25 to pick up fixes.
Resolves: BZ #1162577, #1162601, #1162611, #1162625
* Thu Nov 13 2014 David Howells <dhowells@redhat.com> – 2.24-7
– Fix problems with the ar program reported in FSF PR 17533.
Resolves: BZ #1162672, #1162659
* Wed Nov 12 2014 David Howells <dhowells@redhat.com> – 2.24-6
– Sync with binutils to pick up fixes.
– Backport binutils 2.4 upstream branch to pick up more fixes.
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update cross-binutils’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
7e

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa libsndfile

Otkriven je sigurnosni nedostatak u programskom paketu libsndfile za operacijski sustav Fedora 20. Otkriveni nedostatak je posljedica dijeljena s nulom....

Close