{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": false, "require_testcases": false, "display_name": "", "notes": "- fix directory traversal vulnerability\r\n- fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable\r\n- fix CVE-2014-8502: heap overflow in objdump\r\n- fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file\r\n- fix CVE-2014-8504: stack overflow in the SREC parser\r\n- fix out of bounds memory write", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2014-11-12 17:51:08", "date_modified": "2014-11-14 11:10:43", "date_approved": null, "date_testing": "2014-11-15 09:19:20", "date_stable": "2014-12-06 10:04:40", "alias": "FEDORA-2014-14995", "test_gating_status": null, "from_tag": null, "date_pushed": "2014-12-06 10:04:40", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2014-14995", "title": "avr-binutils-2.24-4.fc21", "version_hash": "a7823519b5add5c8f3557fcb76dcb669906d1427", "release": {"name": "F21", "long_name": "Fedora 21", "version": "21", "id_prefix": "FEDORA", "branch": "f21", "dist_tag": "f21", "stable_tag": "f21-updates", "testing_tag": "f21-updates-testing", "candidate_tag": "f21-updates-candidate", "pending_signing_tag": "", "pending_testing_tag": "f21-updates-testing-pending", "pending_stable_tag": "f21-updates-pending", "override_tag": "f21-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "mhlavink", "email": "mhlavink@redhat.com", "id": 268, "avatar": "https://seccdn.libravatar.org/avatar/6a3d36db2ed39394904df2a56731f61ffcc55b153ecab0b42cf22ea63e83b9ca?s=24&d=retro", "openid": "mhlavink.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "modularity-wg"}, {"name": "cla_redhat"}, {"name": "gitsetuptool"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by mhlavink. ", "timestamp": "2014-11-12 17:51:28", "update_id": 28618, "user_id": 91, "id": 227913, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on i386. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/11937/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2014-11-12 18:24:39", "update_id": 28618, "user_id": 100, "id": 227914, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on x86_64. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/11937/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2014-11-12 18:26:36", "update_id": 28618, "user_id": 100, "id": 227915, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 21 testing updates repository.", "timestamp": "2014-11-13 03:54:34", "update_id": 28618, "user_id": 91, "id": 227916, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing", "timestamp": "2014-11-13 18:22:20", "update_id": 28618, "user_id": 91, "id": 227917, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "mhlavink has edited this update. New build(s): avr-binutils-2.24-4.fc21. Removed build(s): avr-binutils-2.24-3.fc21.", "timestamp": "2014-11-14 11:10:33", "update_id": 28618, "user_id": 91, "id": 227918, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by mhlavink. ", "timestamp": "2014-11-14 11:10:50", "update_id": 28618, "user_id": 91, "id": 227919, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on i386. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12607/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2014-11-14 11:15:59", "update_id": 28618, "user_id": 100, "id": 227920, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on x86_64. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12607/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2014-11-14 11:16:40", "update_id": 28618, "user_id": 100, "id": 227921, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 21 testing updates repository.", "timestamp": "2014-11-14 19:36:22", "update_id": 28618, "user_id": 91, "id": 227922, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing", "timestamp": "2014-11-15 09:19:20", "update_id": 28618, "user_id": 91, "id": 227923, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by mhlavink. ", "timestamp": "2014-11-21 20:33:34", "update_id": 28618, "user_id": 91, "id": 227924, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: upgradepath test PASSED on noarch. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/14993/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2014-11-21 20:43:34", "update_id": 28618, "user_id": 100, "id": 227925, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 21 stable updates repository.", "timestamp": "2014-12-06 05:19:10", "update_id": 28618, "user_id": 91, "id": 227926, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 21 stable updates repository.", "timestamp": "2014-12-06 05:26:24", "update_id": 28618, "user_id": 91, "id": 227927, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable", "timestamp": "2014-12-06 10:04:40", "update_id": 28618, "user_id": 91, "id": 227928, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "avr-binutils-2.24-4.fc21", "signed": true, "release_id": null, "type": "rpm", "epoch": null}], "bugs": [{"bug_id": 1162570, "title": "CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable", "security": true, "parent": true, "feedback": []}, {"bug_id": 1162575, "title": "CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1162594, "title": "CVE-2014-8502 binutils: heap overflow in objdump when parsing a crafted ELF/PE binary file (incomplete fix for CVE-2014-8485)", "security": true, "parent": true, "feedback": []}, {"bug_id": 1162599, "title": "CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1162621, "title": "CVE-2014-8504 binutils: stack overflow in the SREC parser", "security": true, "parent": true, "feedback": []}, {"bug_id": 1162623, "title": "CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1162655, "title": "CVE-2014-8737 binutils: directory traversal vulnerability", "security": true, "parent": true, "feedback": []}, {"bug_id": 1162657, "title": "avr-binutils: binutils: directory traversal vulnerability [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1162666, "title": "CVE-2014-8738 binutils: out of bounds memory write", "security": true, "parent": true, "feedback": []}, {"bug_id": 1162670, "title": "avr-binutils: binutils: out of bounds memory write [fedora-all]", "security": true, "parent": false, "feedback": []}], "updateid": "FEDORA-2014-14995", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}