pkg/32190: Security fix devel/binutils

To: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/32190: Security fix devel/binutils
From: "Andreas Hallmann,,," <root%ahatec.de@localhost>
Date: Tue, 29 Nov 2005 12:14:00 +0000 (UTC)

>Number:         32190
>Category:       pkg
>Synopsis:       Security fix devel/binutils
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 29 12:14:00 +0000 2005
>Originator:     Andreas Hallmann
>Release:        NetBSD 1.6.2_STABLE
>Organization:
        Hallmann EDV Dienstleistungen
>Environment:
System: NetBSD nda 1.6.2_STABLE NetBSD 1.6.2_STABLE (AHAv8#2) #11: Mon May 23 
09:22:03 CEST 2005 toor@nda:/mounts/netbsd/src/sys/arch/sparc/compile/AHAv8#2 
sparc
Architecture: sparc
Machine: sparc
>Description:
        binutils are vulnarable by buffer overflow
        Version 2.16.1 is said to be fixed with respect this issue by gentoo 
linux security advisory GLSA 200506-01/binutils (who detected the bug)
        Therefor this upgrade.
        ATTENTION: Our security audit should be updated to accept binutils 
>=2.16.1.0
        Since this VULNERABILITY is remote exploitable ... a pull up to 
pkgsrc-2005Q3 should be considered.

>How-To-Repeat:
>Fix:

Index: devel/binutils/Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/devel/binutils/Makefile,v
retrieving revision 1.27
diff -r1.27 Makefile
3,4c3,4
< DISTNAME=     binutils-2.15
< PKGNAME=      binutils-2.15.0.0
---
> DISTNAME=     binutils-2.16.1
> PKGNAME=      binutils-2.16.1.0
Index: devel/binutils/PLIST.common
===================================================================
RCS file: /cvsroot/pkgsrc/devel/binutils/PLIST.common,v
retrieving revision 1.9
diff -r1.9 PLIST.common
34a35
> ${PKGLOCALEDIR}/locale/ro/LC_MESSAGES/binutils.mo
49a51
> ${NO_GPROF}${PKGLOCALEDIR}/locale/vi/LC_MESSAGES/gprof.mo
Index: devel/binutils/distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/devel/binutils/distinfo,v
retrieving revision 1.5
diff -r1.5 distinfo
3,6c3,6
< SHA1 (binutils-2.15.tar.gz) = 4caf693b8cbaf1118d2bfddb40a2fc91eaf51a6f
< RMD160 (binutils-2.15.tar.gz) = d23535cb8ba5f68f095e34b7c5f7163c9c15c80e
< Size (binutils-2.15.tar.gz) = 15134701 bytes
< SHA1 (patch-aa) = 34f4efe9ab793c38eccb016bd9498a7db1494953
---
> SHA1 (binutils-2.16.1.tar.gz) = df79ed47b4388a205adf3089d4e36ce47724c940
> RMD160 (binutils-2.16.1.tar.gz) = 304b2b53f9aa15794962af842f4f93b71308c495
> Size (binutils-2.16.1.tar.gz) = 16378360 bytes
> SHA1 (patch-aa) = 3f0b6cc9c0aff0dd2e400334f08da4a22cfc443e
Index: devel/binutils/patches/patch-aa
===================================================================
RCS file: /cvsroot/pkgsrc/devel/binutils/patches/patch-aa,v
retrieving revision 1.2
diff -r1.2 patch-aa
1c1
< $NetBSD: patch-aa,v 1.2 2003/07/14 19:01:36 fredb Exp $
---
> $NetBSD$
3c3
< --- configure.orig    Mon Jul 14 09:36:26 2003
---
> --- configure.orig    Mon Feb 28 15:06:59 2005
5c5
< @@ -784,7 +784,7 @@ host_libs="intl mmalloc libiberty opcode
---
> @@ -914,7 +914,7 @@ host_libs="intl mmalloc libiberty opcode
9,10c9,10
< -host_tools="texinfo byacc flex bison binutils gas ld gcc sid sim gdb make 
patch prms send-pr gprof etc expect dejagnu ash bash bzip2 m4 autoconf automake 
libtool diff rcs fileutils shellutils time textutils wdiff find uudecode hello 
tar gzip indent recode release sed utils guile perl gawk findutils gettext zip 
fastjar"
< +host_tools="texinfo byacc flex bison binutils gas ld gcc sid sim gdb make 
patch prms send-pr gprof expect dejagnu ash bash bzip2 m4 autoconf automake 
libtool diff rcs fileutils shellutils time textutils wdiff find uudecode hello 
tar gzip indent recode release sed utils guile perl gawk findutils gettext zip 
fastjar"
---
> -host_tools="texinfo byacc flex bison binutils gas ld fixincludes gcc sid sim 
> gdb make patch prms send-pr gprof etc expect dejagnu ash bash bzip2 m4 
> autoconf automake libtool diff rcs fileutils shellutils time textutils wdiff 
> find uudecode hello tar gzip indent recode release sed utils guile perl gawk 
> findutils gettext zip fastjar gnattools"
> +host_tools="texinfo byacc flex bison binutils gas ld fixincludes gcc sid sim 
> gdb make patch prms send-pr gprof expect dejagnu ash bash bzip2 m4 autoconf 
> automake libtool diff rcs fileutils shellutils time textutils wdiff find 
> uudecode hello tar gzip indent recode release sed utils guile perl gawk 
> findutils gettext zip fastjar gnattools"

Prev by Date: PR/32189 CVS commit: pkgsrc/doc
Next by Date: pkg/32195: pkgsrc/meta-pkg/gnustep fails on FreeBSD 5.4
Previous by Thread: PR/32189 CVS commit: pkgsrc/doc
Next by Thread: pkg/32195: pkgsrc/meta-pkg/gnustep fails on FreeBSD 5.4
Indexes:

Home | Main Index | Thread Index | Old Index