openSUSE Build Service

Michal Suchanek (michals) committed over 1 year ago (revision 11)

Michal Suchanek (michals) committed over 1 year ago (revision 10)

Michal Suchanek (michals) committed over 1 year ago (revision 9)

Michal Suchanek (michals) committed over 1 year ago (revision 8)

Michal Suchanek (michals) accepted request 906717 from

Michal Suchanek (michals) almost 3 years ago (revision 7)

  - CVE-2017-7608: heap-based buffer overflow in
    over-read and application crash) via a crafted ELF file (bnc#1033089)

Michal Suchanek (michals) accepted request 906714 from

Michal Suchanek (michals) almost 3 years ago (revision 6)

  Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664
  - CVE-2019-7150: dwfl_segment_report_module doesn't check whether
    the dyn data read from core file is truncated (bnc#1123685)
  - CVE-2019-7665: NT_PLATFORM core file note should be a zero
    terminated string (CVE is a bit misleading, as this is not a bug
    in libelf as described) (bnc#1125007)
  - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the
    function arlib_add_symbols() used by eu-ranlib (bnc#1112723)
  - CVE-2018-18310: Invalid Address Read problem in
    dwfl_segment_report_module.c (bnc#1111973)
  - CVE-2018-18520: eu-size: Bad handling of ar files inside are
    files (bnc#1112726)
  - CVE-2018-16402: libelf: denial of service/double free on an
    attempt to decompress the same section twice (bnc#1107066)
    Double-free crash in nm and readelf
  - CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067)
  - CVE-2018-16062: heap-buffer-overflow in
    /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390)
  - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and
    application crash) via a crafted ELF file (bnc#1033088)
  - CVE-2017-7610: elflint: heap-based buffer overflow in check_group
    (bnc#1033087)
  - CVE-2017-7609: memory allocation failure in __libelf_decompress
    (bnc#1033086)
  - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi
    (readelf.c) (bnc#1033084)
  - CVE-2016-7608: heap-based buffer overflow in
    ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085)
  - CVE-2017-7613: elfutils: denial of service (memory consumption)
    via a crafted ELF file (bnc#1033090)

Michal Suchanek (michals) committed almost 3 years ago (revision 5)

Michal Suchanek (michals) committed almost 3 years ago (revision 4)

Michal Suchanek (michals) committed almost 3 years ago (revision 3)

Michal Suchanek (michals) committed almost 3 years ago (revision 2)

Michal Suchanek (michals) committed almost 3 years ago (revision 1)

Browse Source

Places

Revisions of elfutils

Places