Frugalware Let's make things frugal!
En Fr Es It
Package:binutils
Date:2015-02-28
Posted by:kikadf
Vulnerable version:2.24-4
Unaffected version:2.24-5rigel1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8501 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8502 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8503 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8504 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8738
Description:Michal Zalewski discovered that the srec_scan function in libbfd in GNU binutils allowed out-of-bounds reads. Michal Zalewski discovered that the setup_group function in libbfd in GNU binutils did not properly check group headers in ELF files. Hanno Böck discovered that the _bfd_XXi_swap_aouthdr_in function in libbfd in GNU binutils allowed out-of-bounds writes. Hanno Böck discovered a heap-based buffer overflow in the pe_print_edata function in libbfd in GNU binutils. Hanno Böck discovered a stack-based buffer overflow in the ihex_scan function in libbfd in GNU binutils. Michal Zalewski discovered a stack-based buffer overflow in the srec_scan function in libbfd in GNU binutils. Alexander Cherepanov discovered multiple directory traversal vulnerabilities in GNU binutils. Alexander Cherepanov discovered the _bfd_slurp_extended_name_table function in libbfd in GNU binutils allowed invalid writes when handling extended name tables in an archive.