[El-errata] ELSA-2015-2079 Moderate: Oracle Linux 7 binutils security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Nov 23 19:11:32 PST 2015


Oracle Linux Security Advisory ELSA-2015-2079

http://linux.oracle.com/errata/ELSA-2015-2079.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
binutils-2.23.52.0.1-55.el7.x86_64.rpm
binutils-devel-2.23.52.0.1-55.el7.i686.rpm
binutils-devel-2.23.52.0.1-55.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/binutils-2.23.52.0.1-55.el7.src.rpm



Description of changes:

[2.23.52.0.1-55]
- Add missing delta to patch that fixes parsing corrupted archives.
   (#1162666)

[2.23.52.0.1-54]
- Import patch for PR 18270: Create AArch64 GOT entries for local symbols.
   (#1238783)

[2.23.52.0.1-51]
- Fix incorrectly generated binaries and DSOs on PPC platforms.
   (#1247126)

[2.23.52.0.1-50]
- Fix memory corruption parsing corrupt archives.
   (#1162666)

[2.23.52.0.1-49]
- Fix directory traversal vulnerability.
   (#1162655)

[2.23.52.0.1-48]
- Fix stack overflow in SREC parser.
   (#1162621)

[2.23.52.0.1-47]
- Fix stack overflow whilst parsing a corrupt iHex file.
   (#1162607)

[2.23.52.0.1-46]
- Fix out of bounds memory accesses when parsing corrupt PE binaries.
   (#1162594, #1162570)

[2.23.52.0.1-45]
- Change strings program to default to -a.  Fix problems parsing
   files containg corrupt ELF group sections.  (#1157276)

[2.23.52.0.1-44]
- Avoid reading beyond function boundary when disassembling.
   (#1060282)

- For binary ouput, we don't have an ELF bfd output so can't access
   elf_elfheader.  (#1226864)

[2.23.52.0.1-43]
- Don't discard stap probe note sections on aarch64 (#1225091)

[2.23.52.0.1-42]
- Clamp maxpagesize at 1 (rather than 0) to avoid segfaults
   in the linker when passed a bogus max-page-size argument.
   (#1203449)

[2.23.52.0.1-41]
- Fixup bfd elf_link_add_object_symbols for ppc64 to prevent subsequent
   uninitialized accesses elsewhere. (#1172766)

[2.23.52.0.1-40]
- Minor testsuite adjustments for PPC changes in -38/-39.
   (#1183838)
   Fix md_assemble for PPC to handle arithmetic involving the TOC
   better.  (#1183838)

[2.23.52.0.1-39]
- Fix ppc64: segv in libbfd (#1172766).

[2.23.52.0.1-38]
- Unconditionally apply ppc64le patches (#1183838).

[2.23.52.0.1-37]
- Andreas's backport of z13 and dependent fixes for s390,
   including tesetcase fix from Apr 27, 2015.  (#1182153)

[2.23.52.0.1-35]
- Fixup testsuite for AArch64 (#1182111)
- Add support for @localentry for LE PPC64 (#1194164)

[2.23.52.0.1-34]
- Do not install windmc(1) man page (#850832)

[2.23.52.0.1-33]
- Don't replace R_390_TLS_LE{32,64} with R_390_TLS_TPOFF for PIE
   (#872148)
- Enable relro by default for arm and aarch64 (#1203449)
- Backport 3 RELRO improvements for ppc64/ppc64le from upstream
   (#1175624)

[2.23.52.0.1-31]
- Backport upstream RELRO fixes. (#1200138)





More information about the El-errata mailing list