[Bug 849693] CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary

bugzilla at redhat.com bugzilla at redhat.com
Thu Nov 15 19:49:04 UTC 2012


Product: Security Response
https://bugzilla.redhat.com/show_bug.cgi?id=849693

--- Comment #30 from Jan Kratochvil <jan.kratochvil at redhat.com> ---
(In reply to comment #29)
> The following packages actually export the _objalloc_alloc symbol

This is incomplete as _objalloc_alloc does not have to be exported but it still
can be used inside the binary.

Package 'gdb' exports its every symbol but this is a current bug to be
fixed.  It is caused by its linkage with Python:
  -Xlinker -export-dynamic

avr-gdb does not link with Python so it does not wastefully export everything.
Therefore to verify avr-gdb one has to verify _objalloc_alloc presence by:

# yum install avr-gdb-debuginfo
$ nm /usr/lib/debug/usr/bin/avr-gdb.debug | grep -w _objalloc_alloc
00000000005d85c0 T _objalloc_alloc

So avr-gdb and probably some other packages should be also listed as affected.
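
The check described in the comment above, generalized into a script. This is an added example, not part of the original bug comment or of any Red Hat tooling. The function names and sample lines are assumptions made for illustration (only the avr-gdb `nm` line comes from the comment), and the debuginfo path layout follows the command shown above.

```shell
#!/bin/sh
# Classify how a binary relates to _objalloc_alloc, from `nm` output on stdin:
#   embedded - defined in the binary (type T/t): carries its own libiberty copy
#   imported - undefined (type U): resolved from a shared library at run time
#   absent   - symbol not listed at all
classify_objalloc() {
    awk -v sym="_objalloc_alloc" '
        { name = $NF; sub(/@.*/, "", name) }      # drop any @VERSION suffix
        name == sym {
            t = (NF == 3) ? $2 : $1               # undefined lines have no address
            if (t == "T" || t == "t") found = "embedded"
            else if (t == "U" && found == "") found = "imported"
        }
        END { print (found == "" ? "absent" : found) }'
}

# Check one installed binary: the dynamic symbol table alone is not enough,
# so also read the full symbol table from its separate debuginfo file.
check_binary() {
    bin=$1
    dbg="/usr/lib/debug${bin}.debug"              # layout as in the comment above
    dyn=$(nm -D "$bin" 2>/dev/null | classify_objalloc)
    if [ -r "$dbg" ]; then
        full=$(nm "$dbg" 2>/dev/null | classify_objalloc)
    else
        full="unknown (debuginfo not installed)"
    fi
    printf '%s: dynamic=%s full=%s\n' "$bin" "$dyn" "$full"
}

# Constructed sample nm output (first line of SAMPLE_FULL is from the comment).
SAMPLE_FULL='00000000005d85c0 T _objalloc_alloc
00000000005d8500 T objalloc_create'
SAMPLE_DYN='                 U _objalloc_alloc
                 U malloc'
SAMPLE_NONE='0000000000401000 T main'

# Usage: sh check.sh /usr/bin/avr-gdb /usr/bin/gdb ...
for b in "$@"; do
    check_binary "$b"
done
```

A result of `dynamic=absent full=embedded` is the avr-gdb case from the comment: the symbol is not exported, yet the code is linked into the binary.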
