https://sourceware.org/bugzilla/show_bug.cgi?id=23963
--- Comment #6 from Nick Clifton <nickc at redhat dot com> --- (In reply to Ben N from comment #5) Hi Ben, > Thanks Nick. As I couldn't find functionality in objdump that warranted the > printing of control sequences and readelf already mitigate this behaviour, I > believe this to be a security vulnerability. > Can you please let me know your thoughts on this. I would like to apply for > a CVE and to notify pkg maintainers so this patch is backported. I think that you should apply for a CVE. I am not familiar with how control sequences might trigger VTE vulberabilities, but I do see how they could be used to conceal information in objdump's output, which would obviously be bad. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
