Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.8903
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.8903
<patchinfo incident="8903"> <issue tracker="cve" id="2017-7607"/> <issue tracker="cve" id="2018-18521"/> <issue tracker="cve" id="2018-16062"/> <issue tracker="cve" id="2019-7665"/> <issue tracker="cve" id="2017-7613"/> <issue tracker="cve" id="2017-7612"/> <issue tracker="cve" id="2017-7611"/> <issue tracker="cve" id="2018-18520"/> <issue tracker="cve" id="2017-7610"/> <issue tracker="cve" id="2018-16403"/> <issue tracker="cve" id="2019-7150"/> <issue tracker="cve" id="2017-7608"/> <issue tracker="cve" id="2018-16402"/> <issue tracker="cve" id="2018-18310"/> <issue tracker="cve" id="2017-7609"/> <issue tracker="bnc" id="1123685">VUL-1: CVE-2019-7150: elfutils: segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to a missing check</issue> <issue tracker="bnc" id="1033087">VUL-1: CVE-2017-7610: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file</issue> <issue tracker="bnc" id="1107067">VUL-1: CVE-2018-16403: elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash</issue> <issue tracker="bnc" id="1106390">VUL-1: CVE-2018-16062: elfutils: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18allows remote attackers to cause a denial of service (heap-based bufferover-read) via a crafted file.</issue> <issue tracker="bnc" id="1033084">VUL-1: CVE-2017-7607: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file</issue> <issue tracker="bnc" id="1125007">VUL-1: CVE-2019-7665: elfutils: heap-based buffer over-read in the function elf32_xlatetom in elf32_xlatetom.c</issue> <issue tracker="bnc" id="1033086">VUL-1: CVE-2017-7609: elfutils: denial of service (memory consumption) via a crafted ELF file</issue> <issue tracker="bnc" id="1112726">VUL-1: CVE-2018-18520: elfutils: An Invalid Memory Address Dereference exists in the function elf_end in libelf</issue> <issue tracker="bnc" id="1033090">VUL-1: CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file</issue> <issue tracker="bnc" id="1033089">VUL-1: CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file</issue> <issue tracker="bnc" id="1033088">VUL-1: CVE-2017-7611: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file</issue> <issue tracker="bnc" id="1033085">VUL-1: CVE-2017-7608: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file</issue> <issue tracker="bnc" id="1111973">VUL-1: CVE-2018-18310: elfutils: An invalid memory address dereference in dwfl_segment_report_module.c</issue> <issue tracker="bnc" id="1107066">VUL-0: CVE-2018-16402: elfutils: Double-free due to double decompression of sections in crafted ELF causes crash</issue> <issue tracker="bnc" id="1112723">VUL-1: CVE-2018-18521: elfutils: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib</issue> <category>security</category> <rating>moderate</rating> <packager>jmoreira</packager> <description>This update for elfutils fixes the following issues: Security issues fixed: - CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084) - CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085) - CVE-2017-7609: Fixed a memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7611: Fixed a denial of service via a crafted ELF file (bsc#1033088) - CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089) - CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections and the number of segments in a crafted ELF file (bsc#1033090) - CVE-2018-16062: Fixed a heap-buffer overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) - CVE-2018-16402: Fixed a denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) - CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067) - CVE-2018-18310: Fixed an invalid address read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726) - CVE-2018-18521: Fixed a denial of service vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007) </description> <summary>Security update for elfutils</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor