SUSE-SU-2021:3637-1

Опубликовано: 09 нояб. 2021

Источник: suse-cvrf

Описание

Security update for binutils

This update for binutils fixes the following issues:

For compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. (bsc#1192267) This reverts IBM zSeries HLASM support for now.
Fixed that ppc64 optflags did not enable LTO (bsc#1188941).
Fix empty man-pages from broken release tarball
Fixed a memory corruption with rpath option (bsc#1191473).
Fixed slow performance of stripping some binaries (bsc#1183909).

Security issue fixed:

CVE-2021-20294: Fixed out-of-bounds write in print_dynamic_symbol in readelf (bnc#1184519)

Список пакетов

HPE Helion OpenStack 8

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-Azure-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-EC2-HVM-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-GCE-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-Azure

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-Azure-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-EC2-HVM

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-EC2-HVM-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-GCE

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP4-SAP-GCE-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-Basic-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-HPC-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-HPC-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-SAP-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-SAP-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-Azure-Standard-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-EC2-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-EC2-ECS-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-EC2-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-EC2-SAP-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-EC2-SAP-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-GCE-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-GCE-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-GCE-SAP-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-GCE-SAP-On-Demand

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-OCI-BYOS-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-OCI-BYOS-SAP-BYOS

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

binutils-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server 12 SP2-BCL

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server 12 SP3-BCL

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server 12 SP3-LTSS

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server 12 SP4-LTSS

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server 12 SP5

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE Linux Enterprise Software Development Kit 12 SP5

binutils-devel-2.37-9.44.1

binutils-gold-2.37-9.44.1

cross-ppc-binutils-2.37-9.44.1

cross-spu-binutils-2.37-9.44.1

SUSE OpenStack Cloud 8

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE OpenStack Cloud 9

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE OpenStack Cloud Crowbar 8

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

SUSE OpenStack Cloud Crowbar 9

binutils-2.37-9.44.1

binutils-devel-2.37-9.44.1

libctf-nobfd0-2.37-9.44.1

libctf0-2.37-9.44.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20213637-1/
Link for SUSE-SU-2021:3637-1
https://lists.suse.com/pipermail/sle-security-updates/2021-November/009707.html
E-Mail link for SUSE-SU-2021:3637-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1183909
SUSE Bug 1183909
https://bugzilla.suse.com/1184519
SUSE Bug 1184519
https://bugzilla.suse.com/1188941
SUSE Bug 1188941
https://bugzilla.suse.com/1191473
SUSE Bug 1191473
https://bugzilla.suse.com/1192267
SUSE Bug 1192267
https://www.suse.com/security/cve/CVE-2021-20294/
SUSE CVE CVE-2021-20294 page

Описание

A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.

Затронутые продукты

HPE Helion OpenStack 8:binutils-2.37-9.44.1

HPE Helion OpenStack 8:binutils-devel-2.37-9.44.1

HPE Helion OpenStack 8:libctf-nobfd0-2.37-9.44.1

HPE Helion OpenStack 8:libctf0-2.37-9.44.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-20294.html
CVE-2021-20294
https://bugzilla.suse.com/1184519
SUSE Bug 1184519
https://bugzilla.suse.com/1196680
SUSE Bug 1196680

SUSE-SU-2021:3637-1

Описание

Список пакетов

HPE Helion OpenStack 8

Image SLES12-SP4-Azure-BYOS

Image SLES12-SP4-EC2-HVM-BYOS

Image SLES12-SP4-GCE-BYOS

Image SLES12-SP4-SAP-Azure

Image SLES12-SP4-SAP-Azure-BYOS

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

Image SLES12-SP4-SAP-EC2-HVM

Image SLES12-SP4-SAP-EC2-HVM-BYOS

Image SLES12-SP4-SAP-GCE

Image SLES12-SP4-SAP-GCE-BYOS

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-Basic-On-Demand

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

Image SLES12-SP5-EC2-ECS-On-Demand

Image SLES12-SP5-EC2-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-BYOS

Image SLES12-SP5-GCE-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-OCI-BYOS-BYOS

Image SLES12-SP5-OCI-BYOS-SAP-BYOS

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2021-20294

Описание

Затронутые продукты

Ссылки