[Bug 1162621] New: CVE-2014-8504 binutils: stack overflow in the SREC parser
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Bug ID: 1162621
Summary: CVE-2014-8504 binutils: stack overflow in the SREC
parser
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: bgollahe(a)redhat.com, dan(a)danny.cz,
dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
jakub(a)redhat.com, kalevlember(a)gmail.com,
kanderso(a)redhat.com, ktietz(a)redhat.com,
law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk,
mfranc(a)redhat.com, mhlavink(a)redhat.com,
nickc(a)redhat.com, ohudlick(a)redhat.com,
pfrankli(a)redhat.com, rjones(a)redhat.com,
rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com,
swhiteho(a)redhat.com, thibault.north(a)gmail.com,
tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com
Stack overflow issue was reported [1] in SREC parser in binutils.
Upstream patch that fixes this issue is at [2].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7
[2]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=bHcxYEBDhk&a=cc_unsubscribe
8 years, 5 months
[Bug 1162607] New: CVE-2014-8503 binutils: stack overflow in objdump when parsing specially crafted ihex file
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1162607
Bug ID: 1162607
Summary: CVE-2014-8503 binutils: stack overflow in objdump when
parsing specially crafted ihex file
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: bgollahe(a)redhat.com, dan(a)danny.cz,
dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
jakub(a)redhat.com, kalevlember(a)gmail.com,
kanderso(a)redhat.com, ktietz(a)redhat.com,
law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk,
mfranc(a)redhat.com, mhlavink(a)redhat.com,
nickc(a)redhat.com, ohudlick(a)redhat.com,
pfrankli(a)redhat.com, rjones(a)redhat.com,
rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com,
swhiteho(a)redhat.com, thibault.north(a)gmail.com,
tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com
Stack overflow was reported [1] in objdump when parsing a crafted ihex file
[2].
Upstream patch is at [3].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33
[2]: https://sourceware.org/bugzilla/attachment.cgi?id=7869
[3]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc5...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fWj88qzSHL&a=cc_unsubscribe
8 years, 5 months
[Bug 1162594] New: CVE-2014-8502 binutils: heap overflow in objdump
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1162594
Bug ID: 1162594
Summary: CVE-2014-8502 binutils: heap overflow in objdump
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: bgollahe(a)redhat.com, dan(a)danny.cz,
dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
jakub(a)redhat.com, kalevlember(a)gmail.com,
kanderso(a)redhat.com, ktietz(a)redhat.com,
law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk,
mfranc(a)redhat.com, mhlavink(a)redhat.com,
nickc(a)redhat.com, ohudlick(a)redhat.com,
pfrankli(a)redhat.com, rjones(a)redhat.com,
rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com,
swhiteho(a)redhat.com, thibault.north(a)gmail.com,
tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com
A heap overflow was reborted [1] when running objdump on a specially crafted PE
executable [2].
Upstream patches that address this are at [3] and [4].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17
[2]: https://sourceware.org/bugzilla/attachment.cgi?id=7862
[3]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30...
[4]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=acafeb6056bec4...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=pnYCBTnBr5&a=cc_unsubscribe
8 years, 5 months
[Bug 1162570] New: CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1162570
Bug ID: 1162570
Summary: CVE-2014-8501 binutils: out-of-bounds write when
parsing specially crafted PE executable
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: bgollahe(a)redhat.com, dan(a)danny.cz,
dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
jakub(a)redhat.com, kalevlember(a)gmail.com,
kanderso(a)redhat.com, ktietz(a)redhat.com,
law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk,
mfranc(a)redhat.com, mhlavink(a)redhat.com,
nickc(a)redhat.com, ohudlick(a)redhat.com,
pfrankli(a)redhat.com, rjones(a)redhat.com,
rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com,
swhiteho(a)redhat.com, thibault.north(a)gmail.com,
tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com
It was reported [1] that running strings, nm or objdump on a constructed PE
file [2] leads to out-of bounds write to an unitialized memory area.
Upstream path for this issue is at [3].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c0
[2]: https://sourceware.org/bugzilla/attachment.cgi?id=7849
[3]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=xVCMYjG9bG&a=cc_unsubscribe
8 years, 5 months
[Bug 1212162] New: Exception handling corrupts a VLA
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1212162
Bug ID: 1212162
Summary: Exception handling corrupts a VLA
Product: Fedora
Version: 21
Component: mingw32-gcc
Assignee: rjones(a)redhat.com
Reporter: hedayatv(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
kalevlember(a)gmail.com, rjones(a)redhat.com
Description of problem:
Code:
-----------------------------------------------------------------
#include <iostream>
#include <cstring>
#include <sstream>
#include <stdexcept>
using namespace std;
int main(int argc, char **argv)
{
int n;
stringstream ss(argv[1]);
ss >> n;
cout << "N: " << n << endl;
char tbuff[n];
try
{
memset(tbuff, 0, n);
throw runtime_error("ERR");
}
catch (exception &e)
{
cout << "Writing to VLA" << endl;
memset(tbuff, 0, n);
cout << "Wrote" << endl;
}
}
-----------------------------------------------------------------
Compiled with:
/usr/bin/i686-w64-mingw32-g++ -O2 test.cpp -o t
Run with wine (similar results under Windows) results in crash:
[]% ./t 100
fixme:winediag:start_process Wine Staging is a testing version containing
experimental patches.
fixme:winediag:start_process Please report bugs at http://bugs.wine-staging.com
(instead of winehq.org).
N: 100
Writing to VLA
wine: Unhandled page fault on read access to 0x00000000 at address (nil)
(thread 0009), starting debugger...
Unhandled exception: page fault on read access to 0x00000000 in 32-bit code
(0x00000000).
....
Version-Release number of selected component (if applicable):
mingw32-gcc-c++-4.9.2-1.fc21.x86_64
How reproducible:
100%
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fSJiOBofWA&a=cc_unsubscribe
8 years, 5 months
[Bug 1124436] libtool wrapper corrupts command line on Windows
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1124436
--- Comment #13 from Fedora End Of Life <endoflife(a)fedoraproject.org> ---
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora 'version'
of '20'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.
Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 20 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=lSXWBxU2UG&a=cc_unsubscribe
8 years, 10 months
GnuTLS 3.4 is now in rawhide
by Michael Cronenworth
Hello,
After the nettle rebuild GnuTLS has also bumped ABI.
We need rebuilds of:
mingw-glib-networking
mingw-gvnc
mingw-libmicrohttpd
mingw-libvirt
I will take care of libmicrohttpd.
Thanks,
Michael
8 years, 11 months