subject:"\[OE\-core\] \[mickledore\]\[PATCH\] binutils\: Fix CVE\-2023\-39128"

Re: [OE-core] [mickledore][PATCH] binutils: Fix CVE-2023-39128

2023-09-11 Thread Siddharth via lists.openembedded.org

Hi Sanjana, Thank-you for this patch. But, i feel this is not the right way to patch this vulnerability. No doubts the patch is released for binutils-gdb, but that is because the sources are merged. However, in our systems, the command gdb comes from gdb package and not from bintuils-gdb.

[OE-core] [mickledore][PATCH] binutils: Fix CVE-2023-39128

2023-09-08 Thread Sanjana V

Avoid buffer overflow in ada_decode. Signed-off-by: Sanjana --- .../binutils/binutils-2.40.inc| 1 + .../binutils/0017-CVE-2023-39128.patch| 74 +++ 2 files changed, 75 insertions(+) create mode 100644