FEDORA-2016-f36c5935e5 — security update for libdwarf

stable

libdwarf-20160507-1.fc24

FEDORA-2016-f36c5935e5 created by tomh 9 years ago for Fedora 24

Update to 20160507 release - fixes many outstanding crash bugs

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-f36c5935e5

This update has been submitted for testing by tomh.

9 years ago

This update has been pushed to testing.

9 years ago

filiperosset commented & provided feedback 9 years ago

karma

no regressions noted

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

9 years ago

This update has been submitted for stable by tomh.

9 years ago

This update has been pushed to stable.

9 years ago

Please log in to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

9 years ago

in testing

9 years ago

in stable

9 years ago

Builds

libdwarf-20160507-1.fc24

BZ#1299966 CVE-2016-2091 libdwarf: Out-of-bounds read in dwarf_frame2.c [fedora-all]

BZ#1300332 CVE-2016-2050 libdwarf: Out-of-bounds write in get_abbrev_array_info [fedora-all]

BZ#1316695 libdwarf not checking whether error is null before attempting to use it for dwarf_srcfiles

BZ#1330237 NULL dereference bug in _dwarf_decode_s_leb128

BZ#1332141 Heap Overflow bug in update_entry().

BZ#1332144 Out of bound read bug in dwarf_dealloc()

BZ#1332145 A approximate infinite loop bugs in dwarf_get_aranges_list()

BZ#1332148 Null dereference bug in _dwarf_file_name_is_full_path()

BZ#1332149 Null dereference bug in READ_AREA_LENGTH()

BZ#1334068 libdwarf-20160507 is available

libdwarf-20160507-1.fc24

Automated Test Results

None