NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/33551 CVS commit: src/gnu/dist/binutils/bfd

The following reply was made to PR bin/33551; it has been noted by GNATS.

From: Adrian Portelli <>
Subject: PR/33551 CVS commit: src/gnu/dist/binutils/bfd
Date: Sun, 22 Jun 2008 14:02:40 +0000 (UTC)

 Module Name:   src
 Committed By:  adrianp
 Date:          Sun Jun 22 14:02:40 UTC 2008
 Modified Files:
        src/gnu/dist/binutils/bfd: tekhex.c
 Log Message:
 Fix for PR #33551 (a.k.a CVE-2006-2362)
 Back port from the binutils CVS tree
 Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation
 GNU Binutils before 20060423, as used by GNU strings, allows context-dependent
 attackers to cause a denial of service (application crash) and possibly
 execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex)
 record in which the length character is not a valid hexadecimal character.
 To generate a diff of this commit:
 cvs rdiff -r1.1.1.3 -r1.2 src/gnu/dist/binutils/bfd/tekhex.c
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index