Author: jmm
Date: 2017-10-04 10:37:08 +0000 (Wed, 04 Oct 2017)
New Revision: 56396
Modified:
data/CVE/list
Log:
new binutils issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-04 09:10:14 UTC (rev 56395)
+++ data/CVE/list 2017-10-04 10:37:08 UTC (rev 56396)
@@ -5,17 +5,53 @@
CVE-2017-15026
RESERVED
CVE-2017-15025 (decode_line_info in dwarf2.c in the Binary File Descriptor
(BFD) ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22186
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48
CVE-2017-15024 (find_abstract_instance_name in dwarf2.c in the Binary File
Descriptor ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22187
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52a93b95ec0771c97e26f0bb28630a271a667bd2
CVE-2017-15023 (read_formatted_entries in dwarf2.c in the Binary File
Descriptor (BFD) ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22200
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c361faae8d964db951b7100cada4dcdc983df1bf
CVE-2017-15022 (dwarf2.c in the Binary File Descriptor (BFD) library (aka
libbfd), as ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22201
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11855d8a1f11b102a702ab76e95b22082cccf2f8
CVE-2017-15021 (bfd_get_debug_link_info_1 in opncls.c in the Binary File
Descriptor ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22197
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d
CVE-2017-15020 (dwarf1.c in the Binary File Descriptor (BFD) library (aka
libbfd), as ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ [wheezy] - binutils <ignored> (Minor issue)
+ NOTE:
https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22202
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
CVE-2017-15019 (LAME 3.99.5 has a NULL Pointer Dereference in the
hip_decode_init ...)
TODO: check
CVE-2017-15018 (LAME 3.99.5 has a heap-based buffer over-read when handling a
malformed ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
