[ubuntu/focal-security] binutils 2.34-6ubuntu1.7 (Accepted)
Nick Galanis
nick.galanis at canonical.com
Mon Dec 11 11:07:10 UTC 2023
binutils (2.34-6ubuntu1.7) focal-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow in libbfd.c
    - debian/patches/CVE-2020-19726-1.patch: check that buffer contains
      required number of auxents before processing any auxent (coffgen.c) and
      only swap in extended file name from auxents for PE (coffswap.h).
    - debian/patches/CVE-2020-19726-2.patch: fix off-by-one error in check for
      aux entries that overflow the buffer (coff_get_normalized_symtab,
      coffgen.c).
    - CVE-2020-19726
  * SECURITY UPDATE: heap buffer overflow in rddbg.c
    - debian/patches/CVE-2021-46174.patch: don't read past end of section when
      concatenating stab strings (read_section_stabs_debugging_info).
    - CVE-2021-46174
  * SECURITY UPDATE: reachable assertion failure in dwarf.c
    - debian/patches/CVE-2022-35205.patch: replace assert with a warning
      message (display_debug_names).
    - CVE-2022-35205

Date: 2023-12-01 16:48:09.540462+00:00
Changed-By: Nick Galanis <nick.galanis at canonical.com>
https://launchpad.net/ubuntu/+source/binutils/2.34-6ubuntu1.7