On Wed, May 11, 2005 at 04:33:17PM +0200, Moritz Muehlenhoff wrote: > An integer overflow in parsing ELF segment headers has been found that > affects several of binutil's binaries, such as nm, strings or objdump and > can potentially be exploited to corrupt the heap and execute arbitrary > code. See http://bugs.gentoo.org/show_bug.cgi?id=91398 for a crafted > test binary (without malicious effects) and pointers to more information. > The bug log contains a patch by SuSE's Sebastian Krahmer, which has been > applied upstream.
No, a different patch was applied upstream. I am not clear on whether the other patches are still necessary. -- Daniel Jacobowitz CodeSourcery, LLC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]