binutils 2.20.1-3ubuntu7.2 source package in Ubuntu
Changelog
binutils (2.20.1-3ubuntu7.2) lucid-security; urgency=medium
* SECURITY UPDATE: integer overflow in objalloc_alloc
- debian/patches/300-CVE-2012-3509.dpatch: Add overflow check
covering alignment and CHUNK_HEADER_SIZE addition.
- CVE-2012-3509
* SECURITY UPDATE: out-of-bounds read in srec_scan of bfd/srec.c
- debian/patches/301-CVE-2014-8484.dpatch: report an error for
S-records with less than the miniumum size
- CVE-2014-8484
* SECURITY UPDATE: incorrect memory handling around corrupt group
section headers
- debian/patches/302-CVE-2014-8485.dpatch: Improve handling of
corrupt group sections
- CVE-2014-8485
* SECURITY UPDATE: out-of-bounds write in _bfd_XXi_swap_aouthdr_in
- debian/patches/303-CVE-2014-8501.dpatch: Handle corrupt binaries
with an invalid value for NumberOfRvaAndSizes.
- CVE-2014-8501
* SECURITY UPDATE: pe_print_edata buffer overflow
- debian/patches/304-CVE-2014-8502.dpatch: Detect out of
range and truncated rvas or entry counts
- CVE-2014-8502
* SECURITY UPDATE: ihex_scan buffer overflow
- debian/patches/305-CVE-2014-8503.dpatch: Fix typo in
invocation of ihex_bad_byte.
- CVE-2014-8503
* SECURITY UPDATE: srec_scan buffer overflow
- debian/patches/306-CVE-2014-8504.dpatch: Increase size of buf
- CVE-2014-8504
* SECURITY UPDATE: directory traversal vulnerabilities
- debian/patches/307-CVE-2014-8737.dpatch: disallow paths that
include ../
- CVE-2014-8737
* SECURITY UPDATE: _bfd_slurp_extended_name_table out-of-bounds write
- debian/patches/308-CVE-2014-8738.dpatch: Handle archives
with corrupt extended name tables.
- CVE-2014-8738
* SECURITY UPDATE: multiple miscellaneous overflows and out-of-bounds
reads and writes
- debian/patches/309-bz17512-misc.dpatch: fix invalid memory
accesses.
* Security hardening: don't use libbfd by default in strings(1)
- debian/patches/310-harden_strings.dpatch: Add new command
line option --data to only scan the initialized, loadable data
sections of binaries, using libbfd; make --all the default.
-- Steve Beattie <email address hidden> Mon, 09 Feb 2015 02:27:20 -0800
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Lucid
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| binutils_2.20.1.orig.tar.gz | 22.2 MiB | 6bf9d2f70c43656d0a2b5da36bad2691f8b3d3a3635d88fefed57350a3fe729d |
| binutils_2.20.1-3ubuntu7.2.diff.gz | 142.2 KiB | 68c90fc62ef298b39f8cb7eae1ad9f006debc9e64d6b97502bb778fd3ad29c83 |
| binutils_2.20.1-3ubuntu7.2.dsc | 2.0 KiB | 3112aeb9a6122cdcfb4ab71a73ec4116c90ae3e4256e653f4386c4272eae19d2 |
Available diffs
Binary packages built by this source
- binutils: No summary available for binutils in ubuntu lucid.
No description available for binutils in ubuntu lucid.
- binutils-dev: No summary available for binutils-dev in ubuntu lucid.
No description available for binutils-dev in ubuntu lucid.
- binutils-doc: No summary available for binutils-doc in ubuntu lucid.
No description available for binutils-doc in ubuntu lucid.
- binutils-gold: No summary available for binutils-gold in ubuntu lucid.
No description available for binutils-gold in ubuntu lucid.
- binutils-multiarch: No summary available for binutils-multiarch in ubuntu lucid.
No description available for binutils-multiarch in ubuntu lucid.
- binutils-source: No summary available for binutils-source in ubuntu lucid.
No description available for binutils-source in ubuntu lucid.
- binutils-spu: No summary available for binutils-spu in ubuntu lucid.
No description available for binutils-spu in ubuntu lucid.
- binutils-static: No summary available for binutils-static in ubuntu lucid.
No description available for binutils-static in ubuntu lucid.
- binutils-static-udeb: No summary available for binutils-static-udeb in ubuntu lucid.
No description available for binutils-
static- udeb in ubuntu lucid.
