https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Bug ID: 1162621 Summary: CVE-2014-8504 binutils: stack overflow in the SREC parser Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team@redhat.com Reporter: vkaigoro@redhat.com CC: bgollahe@redhat.com, dan@danny.cz, dhowells@redhat.com, erik-fedora@vanpienbroek.nl, fedora-mingw@lists.fedoraproject.org, jakub@redhat.com, kalevlember@gmail.com, kanderso@redhat.com, ktietz@redhat.com, law@redhat.com, lkocman@redhat.com, lkundrak@v3.sk, mfranc@redhat.com, mhlavink@redhat.com, nickc@redhat.com, ohudlick@redhat.com, pfrankli@redhat.com, rjones@redhat.com, rob@robspanton.com, seceng-idm-qe-list@redhat.com, swhiteho@redhat.com, thibault.north@gmail.com, tmlcoch@redhat.com, trond.danielsen@gmail.com
Stack overflow issue was reported [1] in SREC parser in binutils. Upstream patch that fixes this issue is at [2].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7 [2]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2d77...
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1156276
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1162622 Depends On| |1162623 Depends On| |1162624 Depends On| |1162625 Depends On| |1162626 Depends On| |1162627 Depends On| |1162628 Depends On| |1162629 Depends On| |1162630
--- Comment #1 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created mingw-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162626] Affects: epel-all [bug 1162630]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1162622 [Bug 1162622] CVE-2014-8504 arm-none-eabi-binutils-cs: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162623 [Bug 1162623] CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162624 [Bug 1162624] CVE-2014-8504 binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162625 [Bug 1162625] CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162626 [Bug 1162626] CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162627 [Bug 1162627] CVE-2014-8504 msp430-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162628 [Bug 1162628] CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162629 [Bug 1162629] CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162630 [Bug 1162630] CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #2 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created avr-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162623] Affects: epel-all [bug 1162628]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #3 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created arm-none-eabi-binutils-cs tracking bugs for this issue:
Affects: fedora-all [bug 1162622]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #4 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created msp430-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162627]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #5 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created cross-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162625] Affects: epel-all [bug 1162629]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #6 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162624]
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-sec,cvss2=1.2/AV:L/AC:H/A |s-sec,cvss2=1.2/AV:L/AC:H/A |u:N/C:P/I:N/A:N,cwe=CWE-121 |u:N/C:P/I:N/A:N,cwe=CWE-121 |,dts-2.1/devtoolset-2-binut |,dts-2.1/devtoolset-2-binut |ils=new,dts-3.0/devtoolset- |ils=affected,dts-3.0/devtoo |3-binutils=new,fedora-all/a |lset-3-binutils=affected,fe |rm-none-eabi-binutils-cs=af |dora-all/arm-none-eabi-binu |fected,fedora-all/avr-binut |tils-cs=affected,fedora-all |ils=affected,fedora-all/bin |/avr-binutils=affected,fedo |utils=affected,fedora-all/c |ra-all/binutils=affected,fe |ross-binutils=affected,fedo |dora-all/cross-binutils=aff |ra-all/mingw-binutils=affec |ected,fedora-all/mingw-binu |ted,fedora-all/msp430-binut |tils=affected,fedora-all/ms |ils=affected,rhel-4/binutil |p430-binutils=affected,rhel |s=new,rhel-5/binutils=new,r |-5/binutils=wontfix,rhel-5/ |hel-5/binutils220=new,rhel- |binutils220=wontfix,rhel-6/ |6/binutils=new,rhel-6/mingw |binutils=affected,rhel-6/mi |32-binutils=new,rhel-7/binu |ngw32-binutils=defer,rhel-7 |tils=new,epel-all/avr-binut |/binutils=affected,epel-all |ils=affected,epel-all/cross |/avr-binutils=affected,epel |-binutils=affected,epel-all |-all/cross-binutils=affecte |/mingw-binutils=affected |d,epel-all/mingw-binutils=a | |ffected
--- Comment #7 from Vasyl Kaigorodov vkaigoro@redhat.com --- Statement:
Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed In Version| |binutils 2.25
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1168281
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1168302
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Tomas Hoger thoger@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-sec,cvss2=1.2/AV:L/AC:H/A |s-sec,cvss2=1.2/AV:L/AC:H/A |u:N/C:P/I:N/A:N,cwe=CWE-121 |u:N/C:P/I:N/A:N,cwe=CWE-121 |,dts-2.1/devtoolset-2-binut |,dts-2.1/devtoolset-2-binut |ils=affected,dts-3.0/devtoo |ils=affected,dts-3.0/devtoo |lset-3-binutils=affected,fe |lset-3-binutils=affected,fe |dora-all/arm-none-eabi-binu |dora-all/arm-none-eabi-binu |tils-cs=affected,fedora-all |tils-cs=affected,fedora-all |/avr-binutils=affected,fedo |/avr-binutils=affected,fedo |ra-all/binutils=affected,fe |ra-all/binutils=affected,fe |dora-all/cross-binutils=aff |dora-all/cross-binutils=aff |ected,fedora-all/mingw-binu |ected,fedora-all/mingw-binu |tils=affected,fedora-all/ms |tils=affected,fedora-all/ms |p430-binutils=affected,rhel |p430-binutils=affected,rhel |-5/binutils=wontfix,rhel-5/ |-5/binutils=wontfix,rhel-5/ |binutils220=wontfix,rhel-6/ |binutils220=wontfix,rhel-6/ |binutils=affected,rhel-6/mi |binutils=affected,rhel-6/mi |ngw32-binutils=defer,rhel-7 |ngw32-binutils=wontfix,rhel |/binutils=affected,epel-all |-7/binutils=affected,epel-a |/avr-binutils=affected,epel |ll/avr-binutils=affected,ep |-all/cross-binutils=affecte |el-all/cross-binutils=affec |d,epel-all/mingw-binutils=a |ted,epel-all/mingw-binutils |ffected |=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-sec,cvss2=1.2/AV:L/AC:H/A |s-sec,cvss2=1.2/AV:L/AC:H/A |u:N/C:P/I:N/A:N,cwe=CWE-121 |u:N/C:P/I:N/A:N,cwe=CWE-121 |,dts-2.1/devtoolset-2-binut |,dts-2.1/devtoolset-2-binut |ils=affected,dts-3.0/devtoo |ils=affected,dts-3.0/devtoo |lset-3-binutils=affected,fe |lset-3-binutils=affected,fe |dora-all/arm-none-eabi-binu |dora-all/arm-none-eabi-binu |tils-cs=affected,fedora-all |tils-cs=affected,fedora-all |/avr-binutils=affected,fedo |/avr-binutils=affected,fedo |ra-all/binutils=affected,fe |ra-all/binutils=affected,fe |dora-all/cross-binutils=aff |dora-all/cross-binutils=aff |ected,fedora-all/mingw-binu |ected,fedora-all/mingw-binu |tils=affected,fedora-all/ms |tils=affected,fedora-all/ms |p430-binutils=affected,rhel |p430-binutils=affected,rhel |-5/binutils=wontfix,rhel-5/ |-5/binutils=wontfix,rhel-5/ |binutils220=wontfix,rhel-6/ |binutils220=wontfix,rhel-6/ |binutils=affected,rhel-6/mi |binutils=affected,rhel-6/mi |ngw32-binutils=wontfix,rhel |ngw32-binutils=wontfix,rhel |-7/binutils=affected,epel-a |-7/binutils=defer,epel-all/ |ll/avr-binutils=affected,ep |avr-binutils=affected,epel- |el-all/cross-binutils=affec |all/cross-binutils=affected |ted,epel-all/mingw-binutils |,epel-all/mingw-binutils=af |=affected |fected
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162622, which changed state.
Bug 1162622 Summary: CVE-2014-8504 arm-none-eabi-binutils-cs: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162622
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #9 from Fedora Update System updates@fedoraproject.org --- arm-none-eabi-binutils-cs-2014.05.28-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162623, which changed state.
Bug 1162623 Summary: CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162623
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #10 from Fedora Update System updates@fedoraproject.org --- avr-binutils-2.24-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #11 from Fedora Update System updates@fedoraproject.org --- avr-binutils-2.24-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #12 from Fedora Update System updates@fedoraproject.org --- arm-none-eabi-binutils-cs-2014.05.28-3.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #13 from Fedora Update System updates@fedoraproject.org --- avr-binutils-2.24-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #14 from Fedora Update System updates@fedoraproject.org --- arm-none-eabi-binutils-cs-2014.05.28-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1172710
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162626, which changed state.
Bug 1162626 Summary: CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162626
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162630, which changed state.
Bug 1162630 Summary: CVE-2014-8504 mingw-binutils: binutils: stack overflow in the SREC parser [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162630
What |Removed |Added ---------------------------------------------------------------------------- Status|MODIFIED |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162625, which changed state.
Bug 1162625 Summary: CVE-2014-8504 cross-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162625
What |Removed |Added ---------------------------------------------------------------------------- Status|MODIFIED |CLOSED Resolution|--- |CURRENTRELEASE
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #16 from Vasyl Kaigorodov vkaigoro@redhat.com --- Reproducer for this is available at http://lcamtuf.coredump.cx/strings-stack-overflow - just run "strings" utility on that crafted file.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-sec,cvss2=1.2/AV:L/AC:H/A |s-security,cvss2=1.2/AV:L/A |u:N/C:P/I:N/A:N,cwe=CWE-121 |C:H/Au:N/C:P/I:N/A:N,cwe=CW |,dts-2.1/devtoolset-2-binut |E-121,dts-2.1/devtoolset-2- |ils=affected,dts-3.0/devtoo |binutils=affected,dts-3.0/d |lset-3-binutils=affected,fe |evtoolset-3-binutils=affect |dora-all/arm-none-eabi-binu |ed,fedora-all/arm-none-eabi |tils-cs=affected,fedora-all |-binutils-cs=affected,fedor |/avr-binutils=affected,fedo |a-all/avr-binutils=affected |ra-all/binutils=affected,fe |,fedora-all/binutils=affect |dora-all/cross-binutils=aff |ed,fedora-all/cross-binutil |ected,fedora-all/mingw-binu |s=affected,fedora-all/mingw |tils=affected,fedora-all/ms |-binutils=affected,fedora-a |p430-binutils=affected,rhel |ll/msp430-binutils=affected |-5/binutils=wontfix,rhel-5/ |,rhel-5/binutils=wontfix,rh |binutils220=wontfix,rhel-6/ |el-5/binutils220=wontfix,rh |binutils=affected,rhel-6/mi |el-6/binutils=affected,rhel |ngw32-binutils=wontfix,rhel |-6/mingw32-binutils=wontfix |-7/binutils=defer,epel-all/ |,rhel-7/binutils=defer,epel |avr-binutils=affected,epel- |-all/avr-binutils=affected, |all/cross-binutils=affected |epel-all/cross-binutils=aff |,epel-all/mingw-binutils=af |ected,epel-all/mingw-binuti |fected |ls=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Doc Text *updated* by Vasyl Kaigorodov vkaigoro@redhat.com --- A stack-based buffer overflow flaw was found in the SREC parser of libbfd library. If a user were tricked into running a binutils utility on a specially crafted file, it could cause this utility to crash or potentially execute arbitrary code with the privileges of the user running that utility.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com --- A stack-based buffer overflow flaw was found in the SREC parser of the libbfd library. A specially crafted file could cause an application using the libbfd library to crash or, potentially, execute arbitrary code with the privileges of the user running that application.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com --- A stack-based buffer overflow flaw was found in the way objdump processed IHEX files. A specially crafted IHEX file could cause objdump to crash or, potentially, execute arbitrary code with the privileges of the user running objdump.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com --- A stack-based buffer overflow flaw was found in the SREC parser of the libbfd library. A specially crafted file could cause an application using the libbfd library to crash or, potentially, execute arbitrary code with the privileges of the user running that application.
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #18 from Nick Clifton nickc@redhat.com --- Created attachment 1043598 --> https://bugzilla.redhat.com/attachment.cgi?id=1043598&action=edit Patch imported from PR 17510
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #19 from Nick Clifton nickc@redhat.com --- Created attachment 1043599 --> https://bugzilla.redhat.com/attachment.cgi?id=1043599&action=edit Corrupt SREC file
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Nick Clifton nickc@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |MODIFIED Fixed In Version|binutils 2.25 |(binutils-2.23.52.0.1-48.el | |7
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162624, which changed state.
Bug 1162624 Summary: CVE-2014-8504 binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162624
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug 1162621 depends on bug 1162627, which changed state.
Bug 1162627 Summary: CVE-2014-8504 msp430-binutils: binutils: stack overflow in the SREC parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1162627
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Tomas Hoger thoger@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|MODIFIED |NEW Fixed In Version|(binutils-2.23.52.0.1-48.el |binutils 2.25 |7 |
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Miloš Prchlík mprchlik@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mprchlik@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1210268
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-security,cvss2=1.2/AV:L/A |s-security,cvss2=1.2/AV:L/A |C:H/Au:N/C:P/I:N/A:N,cwe=CW |C:H/Au:N/C:P/I:N/A:N,cwe=CW |E-121,dts-2.1/devtoolset-2- |E-121,dts-2.1/devtoolset-2- |binutils=affected,dts-3.0/d |binutils=affected,dts-3.0/d |evtoolset-3-binutils=affect |evtoolset-3-binutils=affect |ed,fedora-all/arm-none-eabi |ed,fedora-all/arm-none-eabi |-binutils-cs=affected,fedor |-binutils-cs=affected,fedor |a-all/avr-binutils=affected |a-all/avr-binutils=affected |,fedora-all/binutils=affect |,fedora-all/binutils=affect |ed,fedora-all/cross-binutil |ed,fedora-all/cross-binutil |s=affected,fedora-all/mingw |s=affected,fedora-all/mingw |-binutils=affected,fedora-a |-binutils=affected,fedora-a |ll/msp430-binutils=affected |ll/msp430-binutils=affected |,rhel-5/binutils=wontfix,rh |,rhel-5/binutils=wontfix,rh |el-5/binutils220=wontfix,rh |el-5/binutils220=wontfix,rh |el-6/binutils=affected,rhel |el-6/binutils=affected,rhel |-6/mingw32-binutils=wontfix |-6/mingw32-binutils=wontfix |,rhel-7/binutils=defer,epel |,rhel-7/binutils=affected,e |-all/avr-binutils=affected, |pel-all/avr-binutils=affect |epel-all/cross-binutils=aff |ed,epel-all/cross-binutils= |ected,epel-all/mingw-binuti |affected,epel-all/mingw-bin |ls=affected |utils=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
Martin Prpic mprpic@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141027, |impact=low,public=20141027, |reported=20141111,source=os |reported=20141111,source=os |s-security,cvss2=1.2/AV:L/A |s-security,cvss2=1.2/AV:L/A |C:H/Au:N/C:P/I:N/A:N,cwe=CW |C:H/Au:N/C:P/I:N/A:N,cwe=CW |E-121,dts-2.1/devtoolset-2- |E-121,dts-2.1/devtoolset-2- |binutils=affected,dts-3.0/d |binutils=wontfix,dts-3.0/de |evtoolset-3-binutils=affect |vtoolset-3-binutils=affecte |ed,fedora-all/arm-none-eabi |d,fedora-all/arm-none-eabi- |-binutils-cs=affected,fedor |binutils-cs=affected,fedora |a-all/avr-binutils=affected |-all/avr-binutils=affected, |,fedora-all/binutils=affect |fedora-all/binutils=affecte |ed,fedora-all/cross-binutil |d,fedora-all/cross-binutils |s=affected,fedora-all/mingw |=affected,fedora-all/mingw- |-binutils=affected,fedora-a |binutils=affected,fedora-al |ll/msp430-binutils=affected |l/msp430-binutils=affected, |,rhel-5/binutils=wontfix,rh |rhel-5/binutils=wontfix,rhe |el-5/binutils220=wontfix,rh |l-5/binutils220=wontfix,rhe |el-6/binutils=affected,rhel |l-6/binutils=affected,rhel- |-6/mingw32-binutils=wontfix |6/mingw32-binutils=wontfix, |,rhel-7/binutils=affected,e |rhel-7/binutils=affected,ep |pel-all/avr-binutils=affect |el-all/avr-binutils=affecte |ed,epel-all/cross-binutils= |d,epel-all/cross-binutils=a |affected,epel-all/mingw-bin |ffected,epel-all/mingw-binu |utils=affected |tils=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--- Comment #20 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:2079 https://rhn.redhat.com/errata/RHSA-2015-2079.html