Revisions of elfutils

Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 11)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 10)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 9)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 8)
Michal Suchanek's avatar Michal Suchanek (michals) accepted request 906717 from Michal Suchanek's avatar Michal Suchanek (michals) (revision 7)
  - CVE-2017-7608: heap-based buffer overflow in
    over-read and application crash) via a crafted ELF file (bnc#1033089)
Michal Suchanek's avatar Michal Suchanek (michals) accepted request 906714 from Michal Suchanek's avatar Michal Suchanek (michals) (revision 6)
  Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664
  - CVE-2019-7150: dwfl_segment_report_module doesn't check whether
    the dyn data read from core file is truncated (bnc#1123685)
  - CVE-2019-7665: NT_PLATFORM core file note should be a zero
    terminated string (CVE is a bit misleading, as this is not a bug
    in libelf as described) (bnc#1125007)
  - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the
    function arlib_add_symbols() used by eu-ranlib (bnc#1112723)
  - CVE-2018-18310: Invalid Address Read problem in
    dwfl_segment_report_module.c (bnc#1111973)
  - CVE-2018-18520: eu-size: Bad handling of ar files inside are
    files (bnc#1112726)
  - CVE-2018-16402: libelf: denial of service/double free on an
    attempt to decompress the same section twice (bnc#1107066)
    Double-free crash in nm and readelf
  - CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067)
  - CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
  - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and
    application crash) via a crafted ELF file (bnc#1033088)
  - CVE-2017-7610: elflint: heap-based buffer overflow in check_group
    (bnc#1033087)
  - CVE-2017-7609: memory allocation failure in __libelf_decompress
    (bnc#1033086)
  - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi
    (readelf.c) (bnc#1033084)
  - CVE-2016-7608: heap-based buffer overflow in
    ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085)
  - CVE-2017-7613: elfutils: denial of service (memory consumption)
    via a crafted ELF file (bnc#1033090)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 5)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 4)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 3)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 2)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 1)
Displaying all 11 revisions
openSUSE Build Service is sponsored by