Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dirkmueller:acdc:as_python3_module
patchinfo.26690
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.26690
<patchinfo incident="26690"> <issue tracker="jsc" id="SLE-25046"/> <issue tracker="jsc" id="PED-2035"/> <issue tracker="jsc" id="PED-2030"/> <issue tracker="jsc" id="SLE-25047"/> <issue tracker="jsc" id="PED-2032"/> <issue tracker="jsc" id="PED-2031"/> <issue tracker="jsc" id="PED-2038"/> <issue tracker="jsc" id="PED-2029"/> <issue tracker="jsc" id="PED-2033"/> <issue tracker="jsc" id="PED-2034"/> <issue tracker="bnc" id="1202969">VUL-0: CVE-2021-3826: binutils: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c</issue> <issue tracker="bnc" id="1202967">VUL-0: CVE-2022-38127: binutils: NULL pointer dereference in the read_and_display_attr_value() function in binutils/dwarf.c</issue> <issue tracker="bnc" id="1197592">VUL-0: CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const</issue> <issue tracker="bnc" id="1142579">VUL-1: CVE-2019-1010204: binutils: out-of-bounds read in elfcpp/elfcpp_file.h</issue> <issue tracker="bnc" id="1202816">VUL-0: CVE-2022-38533: binutils: heap out-of-bounds read in bfd_getl32</issue> <issue tracker="bnc" id="1198237">SLES 15 SP4 RC1 - BINUTILS: Please add official IBM z16 name</issue> <issue tracker="bnc" id="1185712">cross-arm-binutils missing symlinks</issue> <issue tracker="bnc" id="1202966">VUL-0: CVE-2022-38126: binutils: Assertion fail in the display_debug_names() function in binutils/dwarf.c</issue> <issue tracker="bnc" id="1194783">VUL-1: CVE-2021-46195: binutils: uncontrolled recursion in libiberty/rust-demangle.c</issue> <issue tracker="bnc" id="1191473">rpath related failures on x86_64</issue> <issue tracker="bnc" id="1185597">VUL-1: CVE-2021-3530: binutils: stack-based buffer overflow in demangle_path() in rust-demangle.c</issue> <issue tracker="bnc" id="1193929">VUL-1: CVE-2021-45078: binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c</issue> <issue tracker="bnc" id="1188374">VUL-1: CVE-2021-3648: binutils: infinite loop while demangling rust symbols</issue> <issue tracker="cve" id="2022-38533"/> <issue tracker="cve" id="2021-3530"/> <issue tracker="cve" id="2021-3826"/> <issue tracker="cve" id="2022-38127"/> <issue tracker="cve" id="2021-46195"/> <issue tracker="cve" id="2019-1010204"/> <issue tracker="cve" id="2021-45078"/> <issue tracker="cve" id="2022-27943"/> <issue tracker="cve" id="2022-38126"/> <issue tracker="cve" id="2021-3648"/> <packager>matz2</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for binutils</summary> <description>This update for binutils fixes the following issues: The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h (bsc#1142579). - CVE-2021-3530: Fixed stack-based buffer overflow in demangle_path() in rust-demangle.c (bsc#1185597). - CVE-2021-3648: Fixed infinite loop while demangling rust symbols (bsc#1188374). - CVE-2021-3826: Fixed heap/stack buffer overflow in the dlang_lname function in d-demangle.c (bsc#1202969). - CVE-2021-45078: Fixed out-of-bounds write in stab_xcoff_builtin_type() in stabs.c (bsc#1193929). - CVE-2021-46195: Fixed uncontrolled recursion in libiberty/rust-demangle.c (bsc#1194783). - CVE-2022-27943: Fixed stack exhaustion in demangle_const in (bsc#1197592). - CVE-2022-38126: Fixed assertion fail in the display_debug_names() function in binutils/dwarf.c (bsc#1202966). - CVE-2022-38127: Fixed NULL pointer dereference in the read_and_display_attr_value() function in binutils/dwarf.c (bsc#1202967). - CVE-2022-38533: Fixed heap out-of-bounds read in bfd_getl32 (bsc#1202816). The following non-security bugs were fixed: - SLE toolchain update of binutils, update to 2.39 from 2.37. - Update to 2.39: * The ELF linker will now generate a warning message if the stack is made executable. Similarly it will warn if the output binary contains a segment with all three of the read, write and execute permission bits set. These warnings are intended to help developers identify programs which might be vulnerable to attack via these executable memory regions. The warnings are enabled by default but can be disabled via a command line option. It is also possible to build a linker with the warnings disabled, should that be necessary. * The ELF linker now supports a --package-metadata option that allows embedding a JSON payload in accordance to the Package Metadata specification. * In linker scripts it is now possible to use TYPE=<type> in an output section description to set the section type value. * The objdump program now supports coloured/colored syntax highlighting of its disassembler output for some architectures. (Currently: AVR, RiscV, s390, x86, x86_64). * The nm program now supports a --no-weak/-W option to make it ignore weak symbols. * The readelf and objdump programs now support a -wE option to prevent them from attempting to access debuginfod servers when following links. * The objcopy program's --weaken, --weaken-symbol, and --weaken-symbols options now works with unique symbols as well. - Update to 2.38: * elfedit: Add --output-abiversion option to update ABIVERSION. * Add support for the LoongArch instruction set. * Tools which display symbols or strings (readelf, strings, nm, objdump) have a new command line option which controls how unicode characters are handled. By default they are treated as normal for the tool. Using --unicode=locale will display them according to the current locale. Using --unicode=hex will display them as hex byte values, whilst --unicode=escape will display them as escape sequences. In addition using --unicode=highlight will display them as unicode escape sequences highlighted in red (if supported by the output device). * readelf -r dumps RELR relative relocations now. * Support for efi-app-aarch64, efi-rtdrv-aarch64 and efi-bsdrv-aarch64 has been added to objcopy in order to enable UEFI development using binutils. * ar: Add --thin for creating thin archives. -T is a deprecated alias without diagnostics. In many ar implementations -T has a different meaning, as specified by X/Open System Interface. * Add support for AArch64 system registers that were missing in previous releases. * Add support for the LoongArch instruction set. * Add a command-line option, -muse-unaligned-vector-move, for x86 target to encode aligned vector move as unaligned vector move. * Add support for Cortex-R52+ for Arm. * Add support for Cortex-A510, Cortex-A710, Cortex-X2 for AArch64. * Add support for Cortex-A710 for Arm. * Add support for Scalable Matrix Extension (SME) for AArch64. * The --multibyte-handling=[allow|warn|warn-sym-only] option tells the assembler what to when it encoutners multibyte characters in the input. The default is to allow them. Setting the option to "warn" will generate a warning message whenever any multibyte character is encountered. Using the option to "warn-sym-only" will make the assembler generate a warning whenever a symbol is defined containing multibyte characters. (References to undefined symbols will not generate warnings). * Outputs of .ds.x directive and .tfloat directive with hex input from x86 assembler have been reduced from 12 bytes to 10 bytes to match the output of .tfloat directive. * Add support for 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and 'armv9.3-a' for -march in AArch64 GAS. * Add support for 'armv8.7-a', 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and 'armv9.3-a' for -march in Arm GAS. * Add support for Intel AVX512_FP16 instructions. * Add -z pack-relative-relocs/-z no pack-relative-relocs to x86 ELF linker to pack relative relocations in the DT_RELR section. * Add support for the LoongArch architecture. * Add -z indirect-extern-access/-z noindirect-extern-access to x86 ELF linker to control canonical function pointers and copy relocation. * Add --max-cache-size=SIZE to set the the maximum cache size to SIZE bytes. - Explicitly enable --enable-warn-execstack=yes and --enable-warn-rwx-segments=yes. - Add gprofng subpackage. - Include recognition of 'z16' name for 'arch14' on s390. (bsc#1198237). - Add back fix for bsc#1191473, which got lost in the update to 2.38. - Install symlinks for all target specific tools on arm-eabi-none (bsc#1185712). - Enable PRU architecture for AM335x CPU (Beagle Bone Black board) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor