- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-5015
2014-04-14 21:55:40
——————————————————————————–
Name : elfutils
Product : Fedora 20
Version : 0.158
Release : 3.fc20
URL : https://fedorahosted.org/elfutils/
Summary : A collection of utilities and DSOs to handle compiled objects
Description :
Elfutils is a collection of utilities, including ld (a linker),
nm (for listing symbols from object files), size (for listing the
section sizes of an object or archive file), strip (for discarding
symbols), readelf (to see the raw ELF file structures), and elflint
(to check for well-formed ELF files).
——————————————————————————–
Update Information:
Fix CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw.
Update to 0.158. Support for aarch64. Unwinder support for i386, x86_64, s390, s390x, ppc and ppc64. Add eu-stack.
——————————————————————————–
ChangeLog:
* Thu Apr 10 2014 Mark Wielaard <mjw@redhat.com> – 0.158-3
– Add elfutils-0.158-CVE-2014-0172.patch (#1085729)
* Tue Mar 11 2014 Mark Wielaard <mjw@redhat.com> – 0.158-2
– Add elfutils-0.158-mod-e_type.patch.
* Mon Jan 6 2014 Mark Wielaard <mjw@redhat.com> – 0.158-1
– Update to 0.158. Remove all patches now upstream. Add eu-stack.
* Thu Dec 19 2013 Mark Wielaard <mjw@redhat.com> – 0.157-4
– Add elfutils-0.157-aarch64-got-special-symbol.patch.
– Remove -Werror=format-security from RPM_OPT_FLAGS.
* Fri Dec 13 2013 Petr Machata <pmachata@redhat.com> – 0.157-3
– Add upstream support for aarch64
* Wed Oct 9 2013 Mark Wielaard <mjw@redhat.com> 0.157-2
– Show tests/test-suite.log in build.log when make check fails.
——————————————————————————–
References:
[ 1 ] Bug #1085663 – CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
https://bugzilla.redhat.com/show_bug.cgi?id=1085663
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update elfutils’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-5031
2014-04-14 21:56:21
——————————————————————————–
Name : elfutils
Product : Fedora 19
Version : 0.158
Release : 3.fc19
URL : https://fedorahosted.org/elfutils/
Summary : A collection of utilities and DSOs to handle compiled objects
Description :
Elfutils is a collection of utilities, including ld (a linker),
nm (for listing symbols from object files), size (for listing the
section sizes of an object or archive file), strip (for discarding
symbols), readelf (to see the raw ELF file structures), and elflint
(to check for well-formed ELF files).
——————————————————————————–
Update Information:
Fix CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw.
Update to 0.158. Support for aarch64. Unwinder support for i386, x86_64, s390, s390x, ppc and ppc64. Add eu-stack.
——————————————————————————–
ChangeLog:
* Thu Apr 10 2014 Mark Wielaard <mjw@redhat.com> – 0.158-3
– Add elfutils-0.158-CVE-2014-0172.patch (#1085729)
* Tue Mar 11 2014 Mark Wielaard <mjw@redhat.com> – 0.158-2
– Add elfutils-0.158-mod-e_type.patch.
* Mon Jan 6 2014 Mark Wielaard <mjw@redhat.com> – 0.158-1
– Update to 0.158. Remove all patches now upstream. Add eu-stack.
* Thu Dec 19 2013 Mark Wielaard <mjw@redhat.com> – 0.157-4
– Add elfutils-0.157-aarch64-got-special-symbol.patch.
– Remove -Werror=format-security from RPM_OPT_FLAGS.
* Fri Dec 13 2013 Petr Machata <pmachata@redhat.com> – 0.157-3
– Add upstream support for aarch64
* Wed Oct 9 2013 Mark Wielaard <mjw@redhat.com> 0.157-2
– Show tests/test-suite.log in build.log when make check fails.
* Mon Sep 30 2013 Mark Wielaard <mjw@redhat.com> 0.157-1
– Update to 0.157.
– Remove elfutils-0.156-abi_cfi-ppc-s390-arm.patch.
– Remove elfutils-0.156-et_dyn-kernels.patch.
* Fri Sep 6 2013 Mark Wielaard <mjw@redhat.com> 0.156-5
– Add elfutils-0.156-abi_cfi-ppc-s390-arm.patch.
Sets up initial CFI return register, CFA location expression and
register rules for PPC, S390 and ARM (dwarf_cfi_addrframe support).
* Mon Aug 26 2013 Mark Wielaard <mjw@redhat.com> 0.156-4
– Add elfutils-0.156-et_dyn-kernels.patch.
Fixes an issue on ppc64 with systemtap kernel address placement.
* Thu Aug 8 2013 Mark Wielaard <mjw@redhat.com> 0.156-3
– Make check can now also be ran in parallel.
* Thu Jul 25 2013 Jan Kratochvil <jan.kratochvil@redhat.com> 0.156-2
– Update the %configure command for compatibility with fc20 Koji.
* Thu Jul 25 2013 Jan Kratochvil <jan.kratochvil@redhat.com> 0.156-1
– Update to 0.156.
– #890447 – Add __bss_start and __TMC_END__ to elflint.
– #909481 – Only try opening files with installed compression libraries.
– #914908 – Add __bss_start__ to elflint.
– #853757 – Updated Polish translation.
– #985438 – Incorrect prototype of __libdwfl_find_elf_build_id.
– Drop upstreamed elfutils-0.155-binutils-pr-ld-13621.patch.
– Drop upstreamed elfutils-0.155-mem-align.patch.
– Drop upstreamed elfutils-0.155-sizeof-pointer-memaccess.patch.
* Tue Jul 2 2013 Karsten Hopp <karsten@redhat.com> 0.155-6
– bump release and rebuild to fix dependencies on PPC
——————————————————————————–
References:
[ 1 ] Bug #1085663 – CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
https://bugzilla.redhat.com/show_bug.cgi?id=1085663
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update elfutils’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2014-04-0038-ADV |
| Cve | CVE-2014-0172 |
| ID izvornika | FEDORA-2014-5015 |
| Proizvod | elfutils |
| Izvor | http://www.redhat.com |
