[yocto-security] [OE-core CVE] branch morty updated. 2016-10-447-g4d4d076
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Sun Jan 7 09:11:11 PST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, morty has been updated
via 4d4d07650d600fcb8fb1de8592494c3a9e4189ce (commit)
via 221266dcf1f8825b5e4cf397d67cf535facca7e7 (commit)
via c717da006b2f12c5ec4bcdc6bdbcb4d1098829a5 (commit)
via 166ba306f2e7e18ad69e355c160739cb67814236 (commit)
via de11341de3fc073f4aad91746a398168d1833333 (commit)
via 3ca903e5305ad2236ecf763e241a26f4df18e278 (commit)
via 03225f76dd255ae2f70d0ebdece62be284f2a090 (commit)
via 294b706d2b5d6732c8b05e6cf0300c62de1f909f (commit)
via 592f315516e602bd9a9bdc3d116771528cd433d1 (commit)
via 3e88bb5e933ebbf9c3445bac1814dc0ac105bf45 (commit)
via 51fc4c8d86bc7c567794305bcc08e5054e9e204a (commit)
via a36978f0dd372ec836f63942f965652ca3716e3f (commit)
via 162fce9416dcde1a0b7edfbf772fa6e6e18c46a4 (commit)
via f8542a9cf50c8001f675f68e42234c306d8ce1e7 (commit)
via f48d4c21673c16760c5a9ff51934127339234f85 (commit)
via 98b66508f8b382f047d12df430b6e812a9336ab9 (commit)
via 7d46daa5e580e841f83b9070b3c84e87d8fd1181 (commit)
via ea89dfe868085b463dfc24df78b49d1703989484 (commit)
via d8996fd2bf72fa774202724864ef014592a16ece (commit)
via c12bb8d25b9af2df8cbff0a457c2d049efdf49d9 (commit)
via fe9fed67e2f62223626f6683b197bc3b55092d54 (commit)
via 2a13567ea790d71a36eab0293f5a1918ef447e13 (commit)
via 3306cbace5069e58bb62f31ec91ca805410bd949 (commit)
via 40325ae2c4160fa99cebd5cef3f8df5063976076 (commit)
via 020863d45d39a336723300138777583afb0b12c7 (commit)
via 1e19e656a97caf61f26ab4f52339b9413d3bb29f (commit)
via 0d6e08ffc4760947653ad9368d594074d506f697 (commit)
via 09c642a70e2a12dcc01ffe45c333011a142c02a7 (commit)
via e5aa4adaddbae184bbbb1c42f79c1deba931c72a (commit)
via c1b259c5fef13e1ecff9a68d82cde49c777ffa4d (commit)
via 6dd9179c4208c8d13f7e9c784d9993606416ab97 (commit)
via addac2e8f6f6132807a590a032a4292079542fbe (commit)
via 24124406a2a1657b80ba2933bef40ccf798c8097 (commit)
via fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120 (commit)
via ef1a98976886560396a514458edb80a21f09b808 (commit)
via dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5 (commit)
via 315608a626f9e21d198d1600ded69114ac1e16d1 (commit)
via 650a5b69c4ae7cf91d13993225877d0187bcb65e (commit)
via ba01ee6899c8d36e6469f6d02d40866fb0502af9 (commit)
via 54992e752e396fc5b3bc5b067cfc4741f1176bb3 (commit)
via b35c5c25947daf47b5cbccd8836e22234baa6f0f (commit)
via 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745 (commit)
via 62eeac8e4684c129af6f36aa7c2b91270a5dacde (commit)
via 62c4dc16dd8fe99cba970c5e7d8dfc063855d4b9 (commit)
via 996e7af41b48107bab5eca0ea26f507541382bd5 (commit)
via abc9e4eebafac084bee054954bd93288cd1d0a8c (commit)
via d445a9abe7af0a1a54e466bdae8978f6ffb5f6bc (commit)
via 2dfdc0ceac466a4b80ece01a970cb5cfdc08d7ab (commit)
via 9d5c9ad603947136e23325b123bc37c4b939d783 (commit)
via 8df5d5d7809381a6e9b93bb6f772b1fd77046da9 (commit)
via 72dc7aa95afb64bc9ff070e5c2b372d2db6ac5c6 (commit)
from b08b726fedfd56af199aff6b39c60d4abadf5e40 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4d4d07650d600fcb8fb1de8592494c3a9e4189ce
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:52 2017 +0200
glib.inc: set CVE_PRODUCT to glib
NVD uses product glib and vendor gnome for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-6855
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit 69d6342d45316389afb4b062088919689db0a6dd)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 221266dcf1f8825b5e4cf397d67cf535facca7e7
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:51 2017 +0200
glibc-common.inc: set CVE_PRODUCT to glibc
All recipes which include this .inc map to glibc NVD component.
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit 613a13725db4e05539974cc7c66584a287d7b4bd)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit c717da006b2f12c5ec4bcdc6bdbcb4d1098829a5
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:50 2017 +0200
sqlite3.inc: set CVE_PRODUCT to sqlite
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-6153
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit cec6f26f4d2f16c9a58fac5a6344e3d43b36ed09)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 166ba306f2e7e18ad69e355c160739cb67814236
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:49 2017 +0200
python.inc: set CVE_PRODUCT to python
All python versions are just python in NVD like this CVE
for python 3.4.4:
https://nvd.nist.gov/vuln/detail/CVE-2016-5699
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit 848e1be494e8ea10c729f95f02acb366e1843d75)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit de11341de3fc073f4aad91746a398168d1833333
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:48 2017 +0200
icu.inc: set CVE_PRODUCT to international_components_for_unicode
NVD uses it for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2014-8146
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit eaac39100cadc81c89e6eb5ab389cd684699aa90)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 3ca903e5305ad2236ecf763e241a26f4df18e278
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:47 2017 +0200
bluez5.inc: set CVE_PRODUCT to bluez
bluez is the product name in NVD database for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-7837
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit aade84aa54bb2f958572623ed6464184efd19862)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 03225f76dd255ae2f70d0ebdece62be284f2a090
Author: Mikko Rapeli <mikko.rapeli at bmw.de>
Date: Mon Dec 18 15:50:46 2017 +0200
acpid.inc: set CVE_PRODUCT to acpid2
It is used in NVD database for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2011-4578
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit 966052df79df0f68565ebc40887170322d3f85b8)
Signed-off-by: Ruslan Ruslichenko <rruslich at cisco.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 294b706d2b5d6732c8b05e6cf0300c62de1f909f
Author: Andre McCurdy <armccurdy at gmail.com>
Date: Wed Dec 13 17:00:31 2017 -0800
cmake: avoid configure failures if CFLAGS contains -Wstrict-prototypes
Signed-off-by: Andre McCurdy <armccurdy at gmail.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
(cherry picked from commit 0c89b010ce2e426f55ac7c6f94befef988913834)
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 592f315516e602bd9a9bdc3d116771528cd433d1
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Nov 8 13:44:34 2017 +0530
binutils: CVE-2017-15938
Source: binutils-gdb.git
MR: 76766
Type: Security Fix
Disposition: Backport from binutils master
ChangeID: f080669b4e6f7c9088e30858238da5f4315192f3
Description:
PR22209, invalid memory read in find_abstract_instance_name
This patch adds bounds checking for DW_FORM_ref_addr die refs, and
calculates them relative to the first .debug_info section. See the
big comment for why calculating relative to the current .debug_info
section was wrong for relocatable object files.
PR 22209
* dwarf2.c (struct comp_unit): Delete sec_info_ptr field.
(find_abstract_instance_name): Calculate DW_FORM_ref_addr relative
to stash->info_ptr_memory, and check die_ref is within that memory.
Set info_ptr_end correctly when another CU is refd. Check die_ref
for DW_FORM_ref4 etc. is within CU.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 3e88bb5e933ebbf9c3445bac1814dc0ac105bf45
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Nov 8 13:41:00 2017 +0530
binutils: CVE-2017-15024
Source: binutils-gdb.git
MR: 76524
Type: Security Fix
Disposition: Backport from binutils master
ChangeID: 5f22a66eabb228b655605b964ecd350aee700806
Description:
PR22187, infinite loop in find_abstract_instance_name
This patch prevents the simple case of infinite recursion in
find_abstract_instance_name by ensuring that the attributes being
processed are not the same as the previous call.
The patch also does a little cleanup, and leaves in place some changes
to the nested_funcs array that I made when I wrongly thought looping
might occur in scan_unit_for_symbols.
PR 22187
* dwarf2.c (find_abstract_instance_name): Add orig_info_ptr and
pname param. Return status. Make name const. Don't abort,
return an error. Formatting. Exit if current info_ptr matches
orig_info_ptr. Update callers.
(scan_unit_for_symbols): Start at nesting_level of zero. Make
nested_funcs an array of structs for extensibility. Formatting.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 51fc4c8d86bc7c567794305bcc08e5054e9e204a
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Nov 8 12:38:06 2017 +0530
binutils: CVE-2017-14729
Source: binutils-gdb.git
MR: 76278
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de
Description:
x86: Guard against corrupted PLT
There should be only one entry in PLT for a given symbol. Set howto to
NULL after processing a PLT entry to guard against corrupted PLT so that
the duplicated PLT entries are skipped.
PR binutils/22170
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit a36978f0dd372ec836f63942f965652ca3716e3f
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 20:35:41 2017 +0530
binutils: CVE-2017-9955
Source: binutils-gdb.git
MR: 73893
Type: Security Fix
Disposition: Backport from 'binutils-gdb.git/master' branch
ChangeID: 94c3ef8c1fa2e84e84ad76fb45307848d98817c8
Description:
PR 21665 : Fixed multiple heap based buffer overflow
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 162fce9416dcde1a0b7edfbf772fa6e6e18c46a4
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:42:19 2017 +0530
binutils: CVE-2017-9954
Source: binutils-gdb.git
MR: 73906
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 13858130a02bbe84744fd33ecbf2bbbd2360c09c
Description:
Fix address violation parsing a corrupt texhex format file.
PR binutils/21670
* tekhex.c (getvalue): Check for the source pointer exceeding the
end pointer before the first byte is read.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit f8542a9cf50c8001f675f68e42234c306d8ce1e7
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:39:24 2017 +0530
binutils: CVE-2017-9745
Source: binutils-gdb.git
MR: 74062
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 2ec9457275509bfd8dc9185fbdcd485192a82cca
Description:
Handle EITR records in VMS Alpha binaries with overlarge command length parameters.
PR binutils/21579
* vms-alpha.c (_bfd_vms_slurp_etir): Extend check of cmd_length.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit f48d4c21673c16760c5a9ff51934127339234f85
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:36:14 2017 +0530
binutils: CVE-2017-9756
Source: binutils-gdb.git
MR: 73919
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: bd4a354c2a1bd14e26232fc88a736950aa19403a
Description:
Prevent address violation problem when disassembling corrupt aarch64 binary.
PR binutils/21595
* aarch64-dis.c (aarch64_ext_ldst_reglist): Check for an out of
range value.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 98b66508f8b382f047d12df430b6e812a9336ab9
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:32:24 2017 +0530
binutils: CVE-2017-9755
Source: binutils-gdb.git
MR: 73932
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 49ad5f3244cd51ee6714c1b60cc1c3f84d7de7c8
Description:
i386-dis: Add 2 tests with invalid bnd register
PR binutils/21594
* testsuite/gas/i386/mpx.s: Add 2 tests with invalid bnd
register.
* testsuite/gas/i386/x86-64-mpx.s: Likewise.
* testsuite/gas/i386/mpx.d: Updated.
* testsuite/gas/i386/x86-64-mpx.d: Likewise.
i386-dis: Check valid bnd register
Since there are only 4 bnd registers, return "(bad)" for register
number > 3.
PR binutils/21594
* i386-dis.c (OP_E_register): Check valid bnd register.
(OP_G): Likewise.
Affects: <= 2.28
Author: H.J. Lu <hjl.tools at gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 7d46daa5e580e841f83b9070b3c84e87d8fd1181
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:28:06 2017 +0530
binutils: CVE-2017-9753_and_CVE-2017-9754
Source: binutils-gdb.git
MR: 73958, 73945
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: a39fdc82900af3f5d6ae396c913ac902f4ef7f60
Description:
Fix seg-faults in objdump when disassembling a corrupt versados binary.
PR binutils/21591
* versados.c (versados_mkobject): Zero the allocated tdata structure.
(process_otr): Check for an invalid offset in the otr structure.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit ea89dfe868085b463dfc24df78b49d1703989484
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:24:44 2017 +0530
binutils: CVE-2017-9752
Source: binutils-gdb.git
MR: 73971
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: fe0e1d0f234ed157135818c24f4270c34e093828
Description:
Fix potential address violations when processing a corrupt Alpha VMA binary.
PR binutils/21589
* vms-alpha.c (_bfd_vms_get_value): Add an extra parameter - the
maximum value for the ascic pointer. Check that name processing
does not read beyond this value.
(_bfd_vms_slurp_etir): Add checks for attempts to read beyond the
end of etir record.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit d8996fd2bf72fa774202724864ef014592a16ece
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:21:03 2017 +0530
binutils: CVE-2017-9750
Source: binutils-gdb.git
MR: 73997
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 36893e1db9214b4da972a1eeb482be34405f0410
Description:
Fix address violation problems when disassembling a corrupt RX binary.
PR binutils/21587
* rx-decode.opc: Include libiberty.h
(GET_SCALE): New macro - validates access to SCALE array.
(GET_PSCALE): New macro - validates access to PSCALE array.
(DIs, SIs, S2Is, rx_disp): Use new macros.
* rx-decode.c: Regenerate.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit c12bb8d25b9af2df8cbff0a457c2d049efdf49d9
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:17:24 2017 +0530
binutils: CVE-2017-9747
Source: binutils-gdb.git
MR: 74036
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: b25bffca0b51e9c13ba752534b64bd28a147a135
Description:
Fix address violation parsing a corrupt ieee binary.
PR binutils/21581
(ieee_archive_p): Use a static buffer to avoid compiler bugs.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit fe9fed67e2f62223626f6683b197bc3b55092d54
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:14:03 2017 +0530
binutils: CVE-2017-9748
Source: binutils-gdb.git
MR: 74023
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: efff4d9ed538ff859ab5105a3594690e860d0779
Description:
Avoid a possible compiler bug by using a static buffer instead of a stack local buffer.
PR binutils/21582
* ieee.c (ieee_object_p): Use a static buffer to avoid compiler
bugs.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 2a13567ea790d71a36eab0293f5a1918ef447e13
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:09:43 2017 +0530
binutils: CVE-2017-9746
Source: binutils-gdb.git
MR: 74049
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 8dad195531894850a242ccf70990a963cf16f291
Description:
Fix address violation when disassembling a corrupt binary.
PR binutils/21580
binutils * objdump.c (disassemble_bytes): Check for buffer overrun when
printing out rae insns.
ld * testsuite/ld-nds32/diff.d: Adjust expected output.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 3306cbace5069e58bb62f31ec91ca805410bd949
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:06:01 2017 +0530
binutils: CVE-2017-9749
Source: binutils-gdb.git
MR: 74010
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 5b89fbcab899af53585b61bd40724a38bff831d3
Description:
Prevent invalid array accesses when disassembling a corrupt bfin binary.
PR binutils/21586
* bfin-dis.c (gregs): Clip index to prevent overflow.
(regs): Likewise.
(regs_lo): Likewise.
(regs_hi): Likewise.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 40325ae2c4160fa99cebd5cef3f8df5063976076
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Sep 21 19:02:28 2017 +0530
binutils: CVE-2017-9751
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73984
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: b0488808caeeef072f9b00dd174c750da5e58b4b
Description:
Fix address violation when disassembling a corrupt RL78 binary.
PR binutils/21588
* rl78-decode.opc (OP_BUF_LEN): Define.
(GETBYTE): Check for the index exceeding OP_BUF_LEN.
(rl78_decode_opcode): Use OP_BUF_LEN as the length of the op_buf
array.
* rl78-decode.c: Regenerate.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 020863d45d39a336723300138777583afb0b12c7
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Sep 20 14:27:21 2017 +0530
binutils: CVE-2017-7299
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74257
Type: Security Fix
Disposition: Backport from 'embedded-binutils-master'
ChangeID: b55df05e3d3fd21bd30edaea124135892747b1ee
Description:
Linking non-ELF file broken by PR20908 fix
PR ld/20968
PR ld/20908
* elflink.c (bfd_elf_final_link): Revert 2016-12-02 change. Move
reloc counting code later after ELF flavour test.
PR lf/20908
* elflink.c (bfd_elf_final_link): Check for ELF flavour binaries
when following indirect links.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 1e19e656a97caf61f26ab4f52339b9413d3bb29f
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Sep 20 13:52:00 2017 +0530
binutils: CVE-2017-8398
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74127
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54
Description:
Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary.
PR binutils/21438
* dwarf.c (process_extended_line_op): Do not assume that the
string extracted from the section is NUL terminated.
(fetch_indirect_string): If the string retrieved from the section
is not NUL terminated, return an error message.
(fetch_indirect_line_string): Likewise.
(fetch_indexed_string): Likewise.
Affects: <= 2.29
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 0d6e08ffc4760947653ad9368d594074d506f697
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Sep 20 13:22:09 2017 +0530
binutils: CVE-2017-8394
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74166
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: d614742d33a55da6cafede60cd171766afb0aa1d
Description:
PR 21414, null pointer deref of _bfd_elf_large_com_section sym
PR 21414
* section.c (GLOBAL_SYM_INIT): Make available in bfd.h.
* elf.c (lcomm_sym): New.
(_bfd_elf_large_com_section): Use lcomm_sym section symbol.
* bfd-in2.h: Regenerate.
Affects: <= 2.29
Author: Alan Modra <amodra at gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 09c642a70e2a12dcc01ffe45c333011a142c02a7
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Sep 13 17:14:14 2017 +0530
binutils: CVE-2017-8421
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74140
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 5f6dd48c427de8663c5a80af6db44ce5c579d42c
Description:
Prevent memory exhaustion from a corrupt PE binary with an overlarge number of relocs.
PR 21440
* objdump.c (dump_relocs_in_section): Check for an excessive
number of relocs before attempting to dump them.
Affects: <= 2.29
Author: Alan Modra <amodra at gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit e5aa4adaddbae184bbbb1c42f79c1deba931c72a
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Sep 13 17:09:39 2017 +0530
binutils: CVE-2017-8396
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74101
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: db47540066f83529439566f8621d6e35fe86b77c
Description:
buffer overflow in perform_relocation
The existing reloc offset range tests didn't catch small negative
offsets less than the size of the reloc field.
PR 21432
* reloc.c (reloc_offset_in_range): New function.
(bfd_perform_relocation, bfd_install_relocation): Use it.
(_bfd_final_link_relocate): Likewise.
Affects: <= 2.29
Author: Alan Modra <amodra at gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit c1b259c5fef13e1ecff9a68d82cde49c777ffa4d
Author: Manjunath S Matti <mmatti at mvista.com>
Date: Wed Sep 13 16:02:32 2017 +0530
Fix seg-fault in the linker when examining a corrupt binary.
Source: https://sourceware.org/
MR: 74244
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=531336e3a0b79ed60cfc36ad2d6579b6a71175da
ChangeID: 69cc8699fcb0655f3a48778e514552dfaea7229c
Description:
Fix seg-fault in the linker when examining a corrupt binary.
PR ld/20909
* aoutx.h (aout_link_add_symbols): Fix off-by-one error in check
for an illegal string offset.
CVE: CVE-2017-7300
Affects: < 2.27-r0.9.1
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Manjunath S Matti <mmatti at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 6dd9179c4208c8d13f7e9c784d9993606416ab97
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 18:35:19 2017 +0530
binutils: CVE-2017-8397
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74114
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: d55e7590c08c4db483bba2fa35df8fbb6283686e
Description:
Fix a seg-fault when processing a corrupt binary containing reloc(s) with negative addresses.
PR binutils/21434
* reloc.c (bfd_perform_relocation): Check for a negative address
in the reloc.
Affects: <= 2.29
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit addac2e8f6f6132807a590a032a4292079542fbe
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 18:31:38 2017 +0530
binutils: CVE-2017-8395
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74153
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 27dce214c561f9ae6f874990432f9d76a7de29d4
Description:
Fix seg-fault attempting to compress a debug section in a corrupt binary.
PR binutils/21431
* compress.c (bfd_init_section_compress_status): Check the return
value from bfd_malloc.
Affects: <= 2.29
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 24124406a2a1657b80ba2933bef40ccf798c8097
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 18:26:31 2017 +0530
binutils: CVE-2017-8393
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74179
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 976156cd25454143883090ca42010c38c6d6af0f
Description:
PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA.
This patch fixes an assumption made by code that runs for objcopy and
strip, that SHT_REL/SHR_RELA sections are always named starting with a
.rel/.rela prefix. I'm also modifying the interface for
elf_backend_get_reloc_section, so any backend function just needs to
handle name mapping.
Affects: <= 2.29
Author: Alan Modra <amodra at gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 16:47:25 2017 +0530
binutils: CVE-2017-7304
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74192
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: 9a4c249becded1b479c0b9e9f175aebb80294317
Description:
Fix seg-fault in strip when copying a corrupt binary.
PR binutils/20931
* elf.c (copy_special_section_fields): Check for an invalid
sh_link field before attempting to follow it.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit ef1a98976886560396a514458edb80a21f09b808
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 16:44:08 2017 +0530
binutils: CVE-2017-7303
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74205
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: db5bfb63661d39846c3b03353e1383c621759d48
Description:
Fix seg-fault attempting to strip a corrupt binary.
PR binutils/20922
* elf.c (find_link): Check for null headers before attempting to
match them.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 16:39:25 2017 +0530
binutils: CVE-2017-7302
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74218
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: 11677f4fb24c7a49efc23ea7d54de1bf85e74b12
Description:
Fix seg-fault running strip on a corrupt binary.
PR binutils/20921
* aoutx.h (squirt_out_relocs): Check for and report any relocs
that could not be recognised.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 315608a626f9e21d198d1600ded69114ac1e16d1
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 16:34:32 2017 +0530
binutils: CVE-2017-7301
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74231
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: 1fbae9f71e3ad90f930f8b25d550de964e05c259
Description:
Fix seg-fault in linker parsing a corrupt input file.
PR ld/20924
(aout_link_add_symbols): Fix off by one error checking for
overflow of string offset.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 650a5b69c4ae7cf91d13993225877d0187bcb65e
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 14:03:42 2017 +0530
binutils: CVE-2017-7227
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74270
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: e4e88f56ba13671afb5b3194ca4c1c59601e5fd5
Description:
Fix seg-fault in linker when passed a bogus input script.
PR ld/20906
* ldlex.l: Check for bogus strings in linker scripts.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit ba01ee6899c8d36e6469f6d02d40866fb0502af9
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 13:59:36 2017 +0530
binutils: CVE-2017-7225
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74296
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8
Description:
Fix seg-fault running addr2line on a corrupt binary.
PR binutils/20891
* aoutx.h (find_nearest_line): Handle the case where the main file
name and the directory name are both empty.
Affects: <= 2.29
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 54992e752e396fc5b3bc5b067cfc4741f1176bb3
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 13:56:15 2017 +0530
binutils: CVE-2017-7224
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74309
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 640c2ad711ead368a65079a464c55368851e8744
Description:
Fix a seg-fault disassembling a corrupt binary.
PR binutils/20892
* aoutx.h (find_nearest_line): Handle the case where the function
name is empty.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit b35c5c25947daf47b5cbccd8836e22234baa6f0f
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Mon Sep 4 13:52:14 2017 +0530
binutils: CVE-2017-7223
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74322
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: c7e14cdaab09996e736a6294834d3470ac9ddb6c
Description:
Fix seg fault attempting to unget an EOF character.
PR gas/20898
* app.c (do_scrub_chars): Do not attempt to unget EOF.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Aug 31 19:23:29 2017 +0530
binutils: CVE-2017-12450_12452_12453_12454_12456
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73854, 73827, 73814, 73801, 73775
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5
Description:
Fix address violation errors parsing corrupt binary files.
PR 21813
binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty
string whilst concatenating symbol names.
bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address
of the relocs to the canonicalize_one_reloc routine.
* mach-o.h (struct bfd_mach_o_backend_data): Update the prototype
for the _bfd_mach_o_canonicalize_one_reloc field.
* mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add
res_base parameter. Use to check for corrupt pair relocs.
* mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc):
Likewise.
* mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc):
Likewise.
* mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc):
Likewise.
* vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is
enough data in the record before attempting to parse it.
(_bfd_vms_slurp_eeom): Likewise.
(_bfd_vms_slurp_egsd): Check for an invalid section index.
(image_set_ptr): Likewise.
(alpha_vms_slurp_relocs): Likewise.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 62eeac8e4684c129af6f36aa7c2b91270a5dacde
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Thu Aug 31 19:00:45 2017 +0530
binutils: CVE-2017-12451
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73840
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 582c686f18c059d665189a6a09df3a8cc4a3b093
Description:
Fix address violation when attempting to read a corrupt field in a COFF archive header structure.
PR 21786
* coff-rs6000.c (_bfd_strntol): New function.
(_bfd_strntoll): New function.
(GET_VALUE_IN_FIELD): New macro.
(EQ_VALUE_IN_FIELD): new macro.
(_bfd_xcoff_slurp_armap): Use new macros.
(_bfd_xcoff_archive_p): Likewise.
(_bfd_xcoff_read_ar_hdr): Likewise.
(_bfd_xcoff_openr_next_archived_file): Likewise.
(_bfd_xcoff_stat_arch_elt): Likewise.
Extend previous fix to coff-rs6000.c to coff64-rs6000.c
PR 21786
* coff64-rs6000.c (_bfd_strntol): New function.
(_bfd_strntoll): New function.
(GET_VALUE_IN_FIELD): New macro.
(xcoff64_slurp_armap): Use new macros.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 62c4dc16dd8fe99cba970c5e7d8dfc063855d4b9
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Aug 30 17:54:52 2017 +0530
binutils: CVE-2017-12449, CVE-2017_12455, CVE-2017-12457, CVE-2017-12458, CVE-2017-12459
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73867, 73788, 73762, 73749, 73734
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 29a1fd75a879d40560b3891305b7d9577e26ffe5
Description:
Fix address violation issues encountered when parsing corrupt binaries.
PR 21840
* mach-o.c (bfd_mach_o_read_symtab_strtab): Fail if the symtab
size is -1.
* nlmcode.h (nlm_swap_auxiliary_headers_in): Replace assertion
with error return.
* section.c (bfd_make_section_with_flags): Fail if the name or bfd
are NULL.
* vms-alpha.c (bfd_make_section_with_flags): Correct computation
of end pointer.
(evax_bfd_print_emh): Check for invalid string lengths.
Fix address violations when reading corrupt VMS records.
PR binutils/21618
* vms-alpha.c (evax_bfd_print_emh): Check for insufficient record
length.
(evax_bfd_print_eeom): Likewise.
(evax_bfd_print_egsd): Check for an overlarge record length.
(evax_bfd_print_etir): Likewise.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 996e7af41b48107bab5eca0ea26f507541382bd5
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Aug 30 17:51:17 2017 +0530
binutils: CVE-2017-12448
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73880
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f
Description:
Fix use-after-free error when parsing a corrupt nested archive.
PR 21787
* archive.c (bfd_generic_archive_p): If the bfd does not have the
correct magic bytes at the start, set the error to wrong format
and clear the format selector before returning NULL.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit abc9e4eebafac084bee054954bd93288cd1d0a8c
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
Date: Wed Aug 23 14:06:58 2017 +0530
binutils: CVE-2017-7226
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74283
Type: Security Fix
Disposition: Backport from binutils_v2_28
ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909
Description:
Use strnlen to avoid running over the end of the string buffer.
Affects: <= 2.28
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit d445a9abe7af0a1a54e466bdae8978f6ffb5f6bc
Author: Armin Kuster <akuster at mvista.com>
Date: Wed Jun 21 12:01:25 2017 -0700
binutils: Security Fix CVE-2017-9041
Source: binutils-gdb.git
MR: 72791
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=919383ac718c2a3187ee2a9ad659daa22da26258
ChangeID: 7b4588368a367a4d57efbfdcd9c00fcc0875af7b
Description:
Affects: <= 2.28
Signed-off-by: Armin Kuster <akuster at mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 2dfdc0ceac466a4b80ece01a970cb5cfdc08d7ab
Author: Armin Kuster <akuster at mvista.com>
Date: Wed Jun 21 11:22:35 2017 -0700
binutils: Security fix for CVE-2017-9040 and 2017-9042
Source: binutils-gdb.git
MR: 72756, 72805
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
ChangeID: af83ec9e8322e0e051bb684bd2fee5fe8a506fbc
Description:
excluded some changes as the code does not exist in our version. Does not affect fix.
Affects: <= Binutils 2017-04-12
Signed-off-by: Armin Kuster <akuster at mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 9d5c9ad603947136e23325b123bc37c4b939d783
Author: Armin Kuster <akuster at mvista.com>
Date: Wed Jun 21 10:28:29 2017 -0700
binutils: Security Fix CVE-2017-9039
Source: binutils-gbd.git
MR: 72742
Type: Security Fix
Disposition: Backport from git://sourceware.org/binutils-gdb.git
ChangeID: 280f36838862ea67fdcd65b162c1a4835cf924dc
Description:
Affects: <= 2.28
Signed-off-by: Armin Kuster <akuster at mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 8df5d5d7809381a6e9b93bb6f772b1fd77046da9
Author: Armin Kuster <akuster at mvista.com>
Date: Wed Jun 21 09:55:20 2017 -0700
binutis: Security fix CVE-2017-9038
Source: Binutils.org
MR: 72728
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d
ChangeID: 7e242783945a87af0a821b924bd16624a0f18fb3
Description:
Affects: <= 2.28
Signed-off-by: Armin Kuster <akuster at mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
commit 72dc7aa95afb64bc9ff070e5c2b372d2db6ac5c6
Author: Armin Kuster <akuster at mvista.com>
Date: Wed Jun 21 08:07:20 2017 -0700
binutis: Security fix CVE-2017-7614
Source: binutils-gbd.git
MR: 71732
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
ChangeID: 44d3f2d902013f6e8faf485bf736106a11603e16
Description:
minor change to get changelog to apply
Affects: binutils < 2.28
Signed-off-by: Armin Kuster <akuster at mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
meta/recipes-bsp/acpid/acpid.inc | 2 +
meta/recipes-connectivity/bluez5/bluez5.inc | 2 +
meta/recipes-core/glib-2.0/glib.inc | 2 +
meta/recipes-core/glibc/glibc-common.inc | 1 +
meta/recipes-devtools/binutils/binutils-2.27.inc | 58 +
.../binutils/binutils/CVE-2017-12448.patch | 49 +
.../binutils/CVE-2017-12449_12455_12457.patch | 240 ++
.../binutils/CVE-2017-12449_12455_12457_1.patch | 97 +
.../CVE-2017-12450_12452_12453_12454_12456.patch | 375 ++
.../CVE-2017-12450_12452_12453_12454_12456_1.patch | 113 +
.../binutils/binutils/CVE-2017-12451.patch | 384 ++
.../binutils/binutils/CVE-2017-14729.patch | 45 +
.../binutils/binutils/CVE-2017-15024.patch | 241 ++
.../binutils/binutils/CVE-2017-15938.patch | 153 +
.../binutils/binutils/CVE-2017-7223.patch | 40 +
.../binutils/binutils/CVE-2017-7224.patch | 48 +
.../binutils/binutils/CVE-2017-7225.patch | 66 +
.../binutils/binutils/CVE-2017-7226.patch | 42 +
.../binutils/binutils/CVE-2017-7227.patch | 49 +
.../binutils/binutils/CVE-2017-7299_1.patch | 47 +
.../binutils/binutils/CVE-2017-7299_2.patch | 120 +
.../binutils/binutils/CVE-2017-7300.patch | 55 +
.../binutils/binutils/CVE-2017-7301.patch | 52 +
.../binutils/binutils/CVE-2017-7302.patch | 81 +
.../binutils/binutils/CVE-2017-7303.patch | 55 +
.../binutils/binutils/CVE-2017-7304.patch | 53 +
.../binutils/binutils/CVE-2017-7614.patch | 105 +
.../binutils/binutils/CVE-2017-8393.patch | 201 ++
.../binutils/binutils/CVE-2017-8394.patch | 114 +
.../binutils/binutils/CVE-2017-8394_1.patch | 80 +
.../binutils/binutils/CVE-2017-8395.patch | 72 +
.../binutils/binutils/CVE-2017-8396.patch | 102 +
.../binutils/binutils/CVE-2017-8397.patch | 50 +
.../binutils/binutils/CVE-2017-8398.patch | 147 +
.../binutils/binutils/CVE-2017-8421.patch | 51 +
.../binutils/binutils/CVE-2017-9038.patch | 51 +
.../binutils/binutils/CVE-2017-9039.patch | 72 +
.../binutils/binutils/CVE-2017-9039_1.patch | 56 +
.../binutils/binutils/CVE-2017-9040_and_9042.patch | 83 +
.../binutils/binutils/CVE-2017-9041_1.patch | 51 +
.../binutils/binutils/CVE-2017-9041_2.patch | 84 +
.../binutils/binutils/CVE-2017-9745.patch | 62 +
.../binutils/binutils/CVE-2017-9746.patch | 88 +
.../binutils/binutils/CVE-2017-9747.patch | 40 +
.../binutils/binutils/CVE-2017-9748.patch | 45 +
.../binutils/binutils/CVE-2017-9749.patch | 75 +
.../binutils/binutils/CVE-2017-9750.patch | 262 ++
.../binutils/binutils/CVE-2017-9751.patch | 3738 ++++++++++++++++++++
.../binutils/binutils/CVE-2017-9752.patch | 204 ++
.../binutils/binutils/CVE-2017-9753_9754.patch | 76 +
.../binutils/binutils/CVE-2017-9755_1.patch | 60 +
.../binutils/binutils/CVE-2017-9755_2.patch | 101 +
.../binutils/binutils/CVE-2017-9756.patch | 43 +
.../binutils/binutils/CVE-2017-9954.patch | 58 +
.../binutils/binutils/CVE-2017-9955_1.patch | 93 +
.../binutils/binutils/CVE-2017-9955_2.patch | 112 +
.../binutils/binutils/CVE-2017-9955_3.patch | 44 +
.../binutils/binutils/CVE-2017-9955_4.patch | 50 +
.../binutils/binutils/CVE-2017-9955_5.patch | 89 +
.../binutils/binutils/CVE-2017-9955_6.patch | 55 +
.../binutils/binutils/CVE-2017-9955_7.patch | 79 +
.../binutils/binutils/CVE-2017-9955_8.patch | 170 +
.../binutils/binutils/CVE-2017-9955_9.patch | 360 ++
meta/recipes-devtools/cmake/cmake.inc | 1 +
...void-gcc-warnings-with-Wstrict-prototypes.patch | 42 +
meta/recipes-devtools/python/python.inc | 2 +
meta/recipes-support/icu/icu.inc | 2 +
meta/recipes-support/sqlite/sqlite3.inc | 2 +
68 files changed, 9742 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12448.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12449_12455_12457.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12449_12455_12457_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12450_12452_12453_12454_12456.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12450_12452_12453_12454_12456_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-12451.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-15024.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-15938.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7223.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7224.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7225.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7227.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7299_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7299_2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7300.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7301.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7302.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7303.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7304.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-7614.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8393.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8394.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8394_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8396.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8397.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8398.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-8421.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9038.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9039.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9039_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9040_and_9042.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9041_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9041_2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9745.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9746.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9747.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9748.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9749.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9750.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9751.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9752.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9753_9754.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9755_2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9756.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9954.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_4.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_6.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_7.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_8.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2017-9955_9.patch
create mode 100644 meta/recipes-devtools/cmake/cmake/avoid-gcc-warnings-with-Wstrict-prototypes.patch
hooks/post-receive
--
More information about the yocto-security
mailing list