PR/26574 CVS commit: pkgsrc/devel/binutils

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost,ishit%oak.dti.ne.jp@localhost
Subject: PR/26574 CVS commit: pkgsrc/devel/binutils
From: "Frederic Cambus" <fcambus%netbsd.org@localhost>
Date: Thu, 7 Jan 2021 09:50:01 +0000 (UTC)

The following reply was made to PR pkg/26574; it has been noted by GNATS.

From: "Frederic Cambus" <fcambus%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/26574 CVS commit: pkgsrc/devel/binutils
Date: Thu, 7 Jan 2021 09:47:48 +0000

 Module Name:	pkgsrc
 Committed By:	fcambus
 Date:		Thu Jan  7 09:47:48 UTC 2021

 Modified Files:
 	pkgsrc/devel/binutils: Makefile distinfo
 Added Files:
 	pkgsrc/devel/binutils/patches: patch-bfd_elf.c patch-bfd_elfcode.h

 Log Message:
 binutils: add upstream fixes for CVE-2020-35448.

 From upstream commit log:

 PR26574, heap buffer overflow in _bfd_elf_slurp_secondary_reloc_section

 A horribly fuzzed object with section headers inside the ELF header.
 Disallow that, and crazy reloc sizes.

 	PR 26574
 	* elfcode.h (elf_object_p): Sanity check section header offset.
 	* elf.c (_bfd_elf_slurp_secondary_reloc_section): Sanity check
 	sh_entsize.

 To generate a diff of this commit:
 cvs rdiff -u -r1.93 -r1.94 pkgsrc/devel/binutils/Makefile
 cvs rdiff -u -r1.38 -r1.39 pkgsrc/devel/binutils/distinfo
 cvs rdiff -u -r0 -r1.1 pkgsrc/devel/binutils/patches/patch-bfd_elf.c \
     pkgsrc/devel/binutils/patches/patch-bfd_elfcode.h

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Prev by Date: Re: pkg/52531 (lang/openjdk7 fails to build on netbsd-8)
Next by Date: PR/55912 CVS commit: pkgsrc/multimedia/gstreamer1
Previous by Thread: Re: pkg/46055 (lang/openjdk7 fails to build)
Next by Thread: PR/55912 CVS commit: pkgsrc/multimedia/gstreamer1
Indexes:

Home | Main Index | Thread Index | Old Index