FS#42773 - [binutils] backport some security fixes

Attached to Project: Community Packages
Opened by Allan McRae (Allan) - Thursday, 13 November 2014, 13:04 GMT
Last edited by Anatol Pomozov (anatolik) - Tuesday, 30 December 2014, 00:27 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Jakob Gruber (schuay)
Anatol Pomozov (anatolik)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

https://sourceware.org/bugzilla/show_bug.cgi?id=17509
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bd25671c6f202c4a5108883caa2adb24ff6f361f
(has backport on oss-sec mailing list)
CVE-2014-8484

https://sourceware.org/bugzilla/show_bug.cgi?id=17510
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=493a33860c71cac998f1a56d6d87d6faa801fbaa
CVE-2014-8485

https://sourceware.org/bugzilla/show_bug.cgi?id=17512
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24aeb15066b141cdff5541e0ec8e
CVE-2014-8501

https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30caef53b01bee2c0aaa5b855339
CVE-2014-8502

https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc509bba6c91df61b7ce23a799d32
CVE-2014-8503 for this ihex parser issue.

https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2d776171979aa3479e8e12a38a0
CVE-2014-8504 - note: combine with CVE-2014-8485

https://sourceware.org/bugzilla/show_bug.cgi?id=17533#c0
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f
CVE-2014-8738

https://sourceware.org/bugzilla/show_bug.cgi?id=17552#c4
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42
CVE-2014-8737


Also, look into the patch to make "strings -a" the default.
This task depends upon

Closed by  Anatol Pomozov (anatolik)
Tuesday, 30 December 2014, 00:27 GMT
Reason for closing:  Fixed
Comment by Allan McRae (Allan) - Thursday, 13 November 2014, 13:09 GMT
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=7fac9594c41ab180979bdf5927ff7f7e1d13a9e9
Comment by Levente Polyak (anthraxx) - Thursday, 13 November 2014, 20:35 GMT
this also affects community packages: arm-none-eabi-binutils avr-binutils mingw-w64-binutils
we may want to file separate bug reports for those packages.
Also severity "Low" is really underestimated as some of those (oob-write, stack/heap corruption) could result in code execution (which Michal Zalewski already proofed in one PoC by overwriting the IP (instruction pointer))
Comment by Allan McRae (Allan) - Tuesday, 18 November 2014, 09:27 GMT
Assigned to the [community] package maintainers. Look at the patchset in the binutils-2.24-8 package in [testing] for help.
Comment by Sergej Pupykin (sergej) - Tuesday, 18 November 2014, 17:11 GMT
mingw-w64-binutils fixed
Comment by Anatol Pomozov (anatolik) - Tuesday, 18 November 2014, 18:18 GMT
arm-none-eabi-binutils-2.24-3 is in [testing]
Comment by Allan McRae (Allan) - Tuesday, 18 November 2014, 22:11 GMT
Surely you mean [community-testing]...
Comment by Anatol Pomozov (anatolik) - Tuesday, 18 November 2014, 22:46 GMT
Yeah, [community-testing]. In fact I just moved it to [community].
Comment by Jakob Gruber (schuay) - Wednesday, 19 November 2014, 08:30 GMT
avr-binutils is currently building will be pushed in a few minutes.
Comment by Anatol Pomozov (anatolik) - Tuesday, 30 December 2014, 00:27 GMT
The fixed were released some time ago. In fact 2.25 has been pushed to stable. The ticket can be closed now.

Loading...