openSUSE-SU-2021:3643-1

Опубликовано: 09 нояб. 2021

Источник: suse-cvrf

Описание

Security update for binutils

This update for binutils fixes the following issues:

For compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. (bsc#1192267) This reverts IBM zSeries HLASM support for now.
Fixed that ppc64 optflags did not enable LTO (bsc#1188941).
Fix empty man-pages from broken release tarball
Fixed a memory corruption with rpath option (bsc#1191473).
Fixed slow performance of stripping some binaries (bsc#1183909).

Security issue fixed:

CVE-2021-20294: Fixed out-of-bounds write in print_dynamic_symbol in readelf (bnc#1184519)

Список пакетов

openSUSE Leap 15.3

binutils-2.37-7.26.1

binutils-devel-2.37-7.26.1

binutils-devel-32bit-2.37-7.26.1

binutils-gold-2.37-7.26.1

cross-aarch64-binutils-2.37-7.26.1

cross-arm-binutils-2.37-7.26.1

cross-avr-binutils-2.37-7.26.1

cross-epiphany-binutils-2.37-7.26.1

cross-hppa-binutils-2.37-7.26.1

cross-hppa64-binutils-2.37-7.26.1

cross-i386-binutils-2.37-7.26.1

cross-ia64-binutils-2.37-7.26.1

cross-m68k-binutils-2.37-7.26.1

cross-mips-binutils-2.37-7.26.1

cross-ppc-binutils-2.37-7.26.1

cross-ppc64-binutils-2.37-7.26.1

cross-ppc64le-binutils-2.37-7.26.1

cross-riscv64-binutils-2.37-7.26.1

cross-rx-binutils-2.37-7.26.1

cross-s390-binutils-2.37-7.26.1

cross-s390x-binutils-2.37-7.26.1

cross-sparc-binutils-2.37-7.26.1

cross-sparc64-binutils-2.37-7.26.1

cross-spu-binutils-2.37-7.26.1

cross-x86_64-binutils-2.37-7.26.1

libctf-nobfd0-2.37-7.26.1

libctf0-2.37-7.26.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6GNK27D6NPRSWPQWFJADKDTOHPOGY6C/
E-Mail link for openSUSE-SU-2021:3643-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1183909
SUSE Bug 1183909
https://bugzilla.suse.com/1184519
SUSE Bug 1184519
https://bugzilla.suse.com/1188941
SUSE Bug 1188941
https://bugzilla.suse.com/1191473
SUSE Bug 1191473
https://bugzilla.suse.com/1192267
SUSE Bug 1192267
https://www.suse.com/security/cve/CVE-2021-20294/
SUSE CVE CVE-2021-20294 page

Описание

A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.

Затронутые продукты

openSUSE Leap 15.3:binutils-2.37-7.26.1

openSUSE Leap 15.3:binutils-devel-2.37-7.26.1

openSUSE Leap 15.3:binutils-devel-32bit-2.37-7.26.1

openSUSE Leap 15.3:binutils-gold-2.37-7.26.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-20294.html
CVE-2021-20294
https://bugzilla.suse.com/1184519
SUSE Bug 1184519
https://bugzilla.suse.com/1196680
SUSE Bug 1196680

openSUSE-SU-2021:3643-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-20294

Описание

Затронутые продукты

Ссылки