Armin Kuster
640706066c
binutils: Secuirty fix CVE-2017-8396 and CVE-2017-8397
...
Affects: <= 2.28
(From OE-Core rev: 006d106c81420ab53a9755f96edb58c227850587)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Armin Kuster
a24b585342
binutls: Security fix CVE-2017-8395
...
Affects: <= 2.28
(From OE-Core rev: b6c2ce1cd3907f5c6f5dcff0afb971d000e7c9bc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Armin Kuster
e109245168
binutls: Secuirty fix CVE-2017-8394
...
Affects: <= 2.28
(From OE-Core rev: 4684afc0f29beafc0b97a0c7f0479a88c5a69d8e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Armin Kuster
6da272440d
binutils: Security fix CVE-2017-8393
...
Affects: <= 2.28
(From OE-Core rev: e96c9ab000c8693788b7a233bd7061d43cbe24d7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Armin Kuster
34a2b675f4
binutils: Security Fix CVE-2017-7614
...
Affects: <= 2.28
(From OE-Core rev: 6dd4758d9f7060ccf1a30d7a4adb09beb43bc574)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Armin Kuster
722c61d4f4
binutils: Security fix CVE-2017-7223
...
Affects <= 2.28
(From OE-Core rev: 04ca81f0539a7549d4c527377c8a05b396247220)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-12-11 22:02:58 +00:00
Yuanjie Huang
fa7a1f2115
binutils: fix CVE-2017-7210
...
CVE: CVE-2017-7210
[BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157
PR binutils/21157: Fix handling of corrupt STABS enum type strings.
(From OE-Core rev: d12a99cba6c9dc9e1f6bc3a7ca8057f07e9cb950)
(From OE-Core rev: 4ca4e781f1c62696f896d7027081f759798794aa)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-06-05 23:30:22 +01:00
Yuanjie Huang
e28778ee72
binutils: fix CVE-2017-7209 in readelf
...
CVE: CVE-2017-7209
[BZ 21135] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21135
PR binutils/21135: Fix invalid read of section contents whilst processing
a corrupt binary.
(From OE-Core rev: 2df642ca0a1e4a4e6616729018cf32d2108cabb2)
(From OE-Core rev: b262000162cb4e18421dd85bf5216c9fa3bdbf15)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-06-05 23:30:22 +01:00
Yuanjie Huang
829e2027b6
binutils: fix CVE-2017-6969 in readelf
...
CVE: CVE-2017-6969
[BZ 21156] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21156
PR binutils/21156: Fix illegal memory accesses in readelf when
ing a corrupt binary.
PR binutils/21156: Fix another memory access error in readelf when
parsing a corrupt binary.
(From OE-Core rev: de04c9811f7ce5179ba261bd8eae921d7873d6cd)
(From OE-Core rev: ae0e01474623969dc193687d59fb5a65ab4d42bc)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-06-05 23:30:21 +01:00
Fan Xin
13f7fc4655
binutils: Fix CVE-2017-8392
...
Backport upsream commit to fix CVE-2017-8392
CVE: CVE-2017-8392
[BZ 21409] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21409
PR 21409, segfault in _bfd_dwarf2_find_nearest_line
PR 21409
* dwarf2.c (_bfd_dwarf2_find_nearest_line): Don't segfault when
no symbols.
(From OE-Core rev: dff01b827c87ae135a1d5511b1efbdad01c0eaee)
(From OE-Core rev: c5a5017ce710108c61dba0e0af72bb72a9419701)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-06-05 23:30:21 +01:00
Yuanjie Huang
ca22ef73d0
binutils: Fix CVE-2017-6965 and CVE-2017-6966
...
Backport upstream commit to address vulnerabilities:
CVE: CVE-2017-6965
[BZ 21137] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21137
Fix readelf writing to illegal addresses whilst processing corrupt input
files containing symbol-difference relocations.
PR binutils/21137
* readelf.c (target_specific_reloc_handling): Add end parameter.
Check for buffer overflow before writing relocated values.
(apply_relocations): Pass end to target_specific_reloc_handling.
CVE: CVE-2017-6966
[BZ 21139] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21139
Fix read-after-free error in readelf when processing multiple, relocated
sections in an MSP430 binary.
PR binutils/21139
* readelf.c (target_specific_reloc_handling): Add num_syms
parameter. Check for symbol table overflow before accessing
symbol value. If reloc pointer is NULL, discard all saved state.
(apply_relocations): Pass num_syms to target_specific_reloc_handling.
Call target_specific_reloc_handling with a NULL reloc pointer
after processing all of the relocs.
(From OE-Core rev: 8c52a530ba2beb438aa47956bcec3777a1eafe5f)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-04-11 18:10:18 +01:00
Khem Raj
5a85d39c9d
binutils: Detect 64bit mips target for gold
...
(From OE-Core rev: b007eb12a80d81c2aa498941961df3f2899ece7e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-04-01 23:28:19 +01:00
Khem Raj
4485ea5807
binutils: Upgrade to 2.28 release
...
(From OE-Core rev: e9f839d5fe70a222cc7b8942f401ac86a10e6604)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-03-07 20:05:31 +00:00