[ubuntu/bionic-updates] libiberty 20170913-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Apr 8 15:28:15 UTC 2020
libiberty (20170913-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: stack Exhaustion in C++ demangling
- debian/patches/CVE-2018-9138.patch: limit recusion and add
--no-recruse-limit option to tools that support name demangling.
- debian/patches/CVE-2018-9138-2.patch: fix a failure in the libiberty
testsuite by increasing the recursion limit to 2048.
- CVE-2018-9138
- CVE-2018-12641
- CVE-2018-12697
- CVE-2018-12698
- CVE-2018-17794
- CVE-2018-17985
- CVE-2018-18484
- CVE-2018-18700
- CVE-2018-18701
* SECURITY UPDATE: excessive memory consumption
- debian/patches/CVE-2018-12934.patch: remove support for demangling
GCC 2.x era mangling schemes.
- CVE-2018-12934
- CVE-2018-18483
* SECURITY UPDATE: stack consumption and heap-based buffer over-read
- debian/patches/CVE-2019-907x.patch: reject negative lengths and add
recursion counter.
- CVE-2019-9070
- CVE-2019-9071
* SECURITY UPDATE: integer overflow and heap-based buffer overflow
- debian/patches/CVE-2019-14250.patch: check zero value shstrndx.
- CVE-2019-14250
Date: 2020-04-01 16:35:26.751547+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libiberty/20170913-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list