– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Gentoo Linux Security Advisory GLSA 201801-01
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
https://security.gentoo.org/
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Severity: Normal
Title: Binutils: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #624700, #627516, #628538, #629344, #629922, #631324,
#632100, #632132, #632384, #632668, #633988, #635218,
#635692, #635860, #635968
ID: 201801-01
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Synopsis
========
Multiple vulnerabilities have been found in Binutils, the worst of
which may allow remote attackers to cause a Denial of Service
condition.
Background
==========
The GNU Binutils are a collection of tools to create, modify and
analyse binary files. Many of the files use BFD, the Binary File
Descriptor library, to do low-level manipulation.
Affected packages
=================
——————————————————————-
Package / Vulnerable / Unaffected
——————————————————————-
1 sys-devel/binutils < 2.29.1-r1 >= 2.29.1-r1
Description
===========
Multiple vulnerabilities have been discovered in Binutils. Please
review the referenced CVE identifiers for details.
Impact
======
A remote attacker, by enticing a user to compile/execute a specially
crafted ELF, tekhex, PE, or binary file, could possibly cause a Denial
of Service condition.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All Binutils users should upgrade to the latest version:
# emerge –sync
# emerge –ask –oneshot –verbose “>=sys-devel/binutils-2.29.1-r1”
References
==========
[ 1 ] CVE-2017-12456
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12456
[ 2 ] CVE-2017-12799
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12799
[ 3 ] CVE-2017-12967
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12967
[ 4 ] CVE-2017-14128
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14128
[ 5 ] CVE-2017-14129
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14129
[ 6 ] CVE-2017-14130
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14130
[ 7 ] CVE-2017-14333
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14333
[ 8 ] CVE-2017-15023
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15023
[ 9 ] CVE-2017-15938<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0//EN” “http://www.w3.org/TR/REC-html40/strict.dtd”>
<html><head><meta name=”qrichtext” content=”1″ /><style type=”text/css”>
p, li { white-space: pre-wrap; }
</style></head><body style=” font-family:’Noto Sans’; font-size:10pt; font-weight:400; font-style:normal;”>
<p style=” margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Gentoo Linux Security Advisory GLSA 201801-01</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://security.gentoo.org/</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Severity: Normal</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Title: Binutils: Multiple vulnerabilities</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Date: January 07, 2018</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Bugs: #624700, #627516, #628538, #629344, #629922, #631324,</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> #632100, #632132, #632384, #632668, #633988, #635218,</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> #635692, #635860, #635968</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ID: 201801-01</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Synopsis</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Multiple vulnerabilities have been found in Binutils, the worst of</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>which may allow remote attackers to cause a Denial of Service</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>condition.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Background</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>The GNU Binutils are a collection of tools to create, modify and</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>analyse binary files. Many of the files use BFD, the Binary File</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Descriptor library, to do low-level manipulation.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Affected packages</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=================</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ——————————————————————-</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Package / Vulnerable / Unaffected</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ——————————————————————-</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> 1 sys-devel/binutils < 2.29.1-r1 >= 2.29.1-r1 </span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Description</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>===========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Multiple vulnerabilities have been discovered in Binutils. Please</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>review the referenced CVE identifiers for details.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Impact</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>======</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>A remote attacker, by enticing a user to compile/execute a specially</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>crafted ELF, tekhex, PE, or binary file, could possibly cause a Denial</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>of Service condition.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Workaround</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>There are no known workarounds at this time.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Resolution</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>All Binutils users should upgrade to the latest version:</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge –sync</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge –ask –oneshot –verbose ">=sys-devel/binutils-2.29.1-r1"</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>References</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 1 ] CVE-2017-12456</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12456</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 2 ] CVE-2017-12799</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12799</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 3 ] CVE-2017-12967</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12967</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 4 ] CVE-2017-14128</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14128</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 5 ] CVE-2017-14129</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14129</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 6 ] CVE-2017-14130</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14130</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 7 ] CVE-2017-14333</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14333</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 8 ] CVE-2017-15023</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15023</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 9 ] CVE-2017-15938</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15938</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 10 ] CVE-2017-15939</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15939</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 11 ] CVE-2017-15996</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15996</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 12 ] CVE-2017-7209</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7209</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 13 ] CVE-2017-7210</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7210</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 14 ] CVE-2017-7223</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7223</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 15 ] CVE-2017-7224</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7224</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 16 ] CVE-2017-7225</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7225</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 17 ] CVE-2017-7227</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7227</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 18 ] CVE-2017-9743</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9743</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 19 ] CVE-2017-9746</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9746</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 20 ] CVE-2017-9749</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9749</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 21 ] CVE-2017-9750</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9750</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 22 ] CVE-2017-9751</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9751</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 23 ] CVE-2017-9755</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9755</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 24 ] CVE-2017-9756</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9756</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Availability</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>============</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>This GLSA and any updates to it are available for viewing at</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>the Gentoo Security Website:</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://security.gentoo.org/glsa/201801-01</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Concerns?</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Security is a primary focus of Gentoo Linux and ensuring the</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>confidentiality and security of our users’ machines is of utmost</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>importance to us. Any security concerns should be addressed to</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>security@gentoo.org or alternatively, you may file a bug at</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>https://bugs.gentoo.org.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>License</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=======</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Copyright 2018 Gentoo Foundation, Inc; referenced text</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>belongs to its owner(s).</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>The contents of this document are licensed under the</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Creative Commons – Attribution / Share Alike license.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>http://creativecommons.org/licenses/by-sa/2.5</span></p></body></html>—–BEGIN PGP SIGNATURE—–
iQEzBAABCAAdFiEEiDRK3jyVBE/RkymqpRQw84X1dt0FAlpSqNUACgkQpRQw84X1
dt08Gwf/QFkJVuwlBaED7msBju0E2rQECKnO7Vl35NIZ9ZjoS0kHRrCAMpCYGF2P
0SRqD/GukoVDuvpDAYqg5MrdK4jHJhBPnNvzaggbT0v3jFnDtFwLEIFjOBT158SG
fdkQQPWVazxydSyvaTQp/bvAbkihXlwkRSI8VJ67yKVAmBakU0FhbawhHVUshBAv
ooQ3yZt9XxpT2/Q+c1I8zplBXZrAVq0T4XDgCK+VYnq86/IZUXzPb6CNochesz4V
UiMk+YGpKQNAQDvfjUa3lpcJkyFiQHdawBP2FhNFkXNL8x2yqHHxNi38mZRrO9h/
9ASqr2C9ntPJc88D728+B3A3UcrHVA==
=5hai
—–END PGP SIGNATURE—–