[Secure-testing-commits] r56327 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Oct 1 19:48:14 UTC 2017
Author: carnil
Date: 2017-10-01 19:48:13 +0000 (Sun, 01 Oct 2017)
New Revision: 56327
Modified:
data/CVE/list
Log:
CVE-2017-14729/binutils fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-01 19:04:56 UTC (rev 56326)
+++ data/CVE/list 2017-10-01 19:48:13 UTC (rev 56327)
@@ -573,10 +573,12 @@
CVE-2017-14730 (The init script in the Gentoo app-admin/logstash-bin package before ...)
NOT-FOR-US: Gentoo packagin flaw for Logstash
CVE-2017-14729 (The *_get_synthetic_symtab functions in the Binary File Descriptor ...)
- - binutils <unfixed>
+ - binutils 2.29.1-2
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
[wheezy] - binutils <ignored> (Minor issue)
+ NOTE: First version containing the fix was 2.29.1-2, which was quickly followed by
+ NOTE: a fixed 2.29.1-3 for unrelated issues.
NOTE: https://blogs.gentoo.org/ago/2017/09/25/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c/
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22170
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=56933f9e3e90eebf1018ed7417d6c1184b91db6b
More information about the Secure-testing-commits
mailing list