FEDORA-2014-14995

security update in Fedora 21 for avr-binutils

Status: stable 4 years ago
  • fix directory traversal vulnerability
  • fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
  • fix CVE-2014-8502: heap overflow in objdump
  • fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
  • fix CVE-2014-8504: stack overflow in the SREC parser
  • fix out of bounds memory write

Comments 16

This update has been submitted for testing by mhlavink.

4 years ago
taskotron 4 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/11937/steps/runtask/logs/stdio (results are informative only)

taskotron 4 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/11937/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

4 years ago

This update has been pushed to testing

4 years ago

mhlavink has edited this update. New build(s): avr-binutils-2.24-4.fc21. Removed build(s): avr-binutils-2.24-3.fc21.

4 years ago

This update has been submitted for testing by mhlavink.

4 years ago
taskotron 4 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12607/steps/runtask/logs/stdio (results are informative only)

taskotron 4 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12607/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

4 years ago

This update has been pushed to testing

4 years ago

This update has been submitted for stable by mhlavink.

4 years ago
taskotron 4 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/14993/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

4 years ago

This update is currently being pushed to the Fedora 21 stable updates repository.

4 years ago

This update has been pushed to stable

4 years ago

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 4 years ago
in testing 4 years ago
in stable 4 years ago
modified 4 years ago

Related Bugs 10
00 #1162570 CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
00 #1162575 CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
00 #1162594 CVE-2014-8502 binutils: heap overflow in objdump when parsing a crafted ELF/PE binary file (incomplete fix for CVE-2014-8485)
00 #1162599 CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
00 #1162621 CVE-2014-8504 binutils: stack overflow in the SREC parser
00 #1162623 CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
00 #1162655 CVE-2014-8737 binutils: directory traversal vulnerability
00 #1162657 avr-binutils: binutils: directory traversal vulnerability [fedora-all]
00 #1162666 CVE-2014-8738 binutils: out of bounds memory write
00 #1162670 avr-binutils: binutils: out of bounds memory write [fedora-all]

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-4.1.1 on bodhi-web-95-tfghd.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Legal | Privacy policy