[SECURITY] Fedora EPEL 7 Update: mingw-binutils-2.25-1.el7
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jan 9 02:59:56 UTC 2015
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-4901
2014-12-24 17:24:49
--------------------------------------------------------------------------------
Name : mingw-binutils
Product : Fedora EPEL 7
Version : 2.25
Release : 1.el7
URL : http://www.gnu.org/software/binutils/
Summary : Cross-compiled version of binutils for Win32 and Win64 environments
Description :
Cross compiled binutils (utilities like 'strip', 'as', 'ld') which
understand Windows executables and DLLs.
--------------------------------------------------------------------------------
Update Information:
Fix various CVE's
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162583 - CVE-2014-8501 mingw-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162583
[ 2 ] Bug #1162602 - CVE-2014-8502 mingw-binutils: binutils: heap overflow in objdump [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162602
[ 3 ] Bug #1162612 - CVE-2014-8503 mingw-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162612
[ 4 ] Bug #1162626 - CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162626
[ 5 ] Bug #1162660 - mingw-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162660
[ 6 ] Bug #1162673 - mingw-binutils: binutils: out of bounds memory write [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162673
[ 7 ] Bug #1162606 - CVE-2014-8502 mingw-binutils: binutils: heap overflow in objdump [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162606
[ 8 ] Bug #1162619 - CVE-2014-8503 mingw-binutils: binutils: stack overflow in objdump when parsing specially crafted ihex file [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162619
[ 9 ] Bug #1162630 - CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162630
[ 10 ] Bug #1162665 - mingw-binutils: binutils: directory traversal vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162665
[ 11 ] Bug #1162678 - mingw-binutils: binutils: out of bounds memory write [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162678
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mingw-binutils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the epel-package-announce
mailing list