Описание
Security update for gdb
This update for gdb fixes the following issues:
Update to gdb 8.3.1: (jsc#ECO-368)
Security issues fixed:
- CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. (bsc#1142772)
Upgrade libipt from v2.0 to v2.0.1.
-
Enable librpm for version > librpm.so.3 [bsc#1145692]:
- Allow any librpm.so.x
- Add %build test to check for 'zypper install ' message
-
Copy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python, and use it for --without=python.
Rebase to 8.3 release (as in fedora 30 @ 1e222a3).
- DWARF index cache: GDB can now automatically save indices of DWARF symbols on disk to speed up further loading of the same binaries.
- Ada task switching is now supported on aarch64-elf targets when debugging a program using the Ravenscar Profile.
- Terminal styling is now available for the CLI and the TUI.
- Removed support for old demangling styles arm, edg, gnu, hp and lucid.
- Support for new native configuration RISC-V GNU/Linux (riscv*--linux).
- Implemented access to more POWER8 registers. [fate#326120, fate#325178]
- Handle most of new s390 arch13 instructions. [fate#327369, jsc#ECO-368]
Список пакетов
SUSE Linux Enterprise Module for Development Tools 15
gdb-8.3.1-3.13.1
gdbserver-8.3.1-3.13.1
Ссылки
- Link for SUSE-SU-2019:2902-1
- E-Mail link for SUSE-SU-2019:2902-1
- SUSE Security Ratings
- SUSE Bug 1115034
- SUSE Bug 1142772
- SUSE Bug 1145692
- SUSE CVE CVE-2019-1010180 page
- SUSE Bug ECO-368
Описание
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
Затронутые продукты
SUSE Linux Enterprise Module for Development Tools 15:gdb-8.3.1-3.13.1
SUSE Linux Enterprise Module for Development Tools 15:gdbserver-8.3.1-3.13.1
Ссылки
- CVE-2019-1010180
- SUSE Bug 1142772