Higher-level library to access ELF
This package provides a higher-level library to access ELF files. This
is a part of elfutils package.
-
1
derived packages
- Links to openSUSE:Factory / elfutils
- Has a link diff
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout Kernel:tools/elfutils && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
README-BEFORE-ADDING-PATCHES | 0000000488 488 Bytes | |
_constraints | 0000000135 135 Bytes | |
baselibs.conf | 0000000399 399 Bytes | |
cfi-fix.patch | 0000000385 385 Bytes | |
dwelf_elf_e_machine_string.patch | 0000000444 444 Bytes | |
elfutils-0.177.tar.bz2 | 0008852413 8.44 MB | |
elfutils-0.177.tar.bz2.sig | 0000000310 310 Bytes | |
elfutils.changes | 0000038675 37.8 KB | |
elfutils.keyring | 0000011658 11.4 KB | |
elfutils.spec | 0000007807 7.62 KB |
Revision 6 (latest revision is 11)
Michal Suchanek (michals)
accepted
request 906714
from
Michal Suchanek (michals)
(revision 6)
Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007) - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973) - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726) - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Double-free crash in nm and readelf - CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390) - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088) - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087) - CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086) - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084) - CVE-2016-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bnc#1033090)
Comments 0