FEDORA-2018-1eec1f0d17 created by mjw 2 years ago for Fedora 28
stable

Fixes CVE-2018-16062, CVE-2018-16402 and CVE-2018-16403. unstrip: Handle SHT_GROUP sections. strip: Handle mixed (out of order) allocated/non-allocated sections. elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits (suid) on rewrite. libelf, libdw and all tools now handle extended shnum and shstrndx correctly.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-1eec1f0d17

This update has been submitted for testing by mjw.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

User Icon hreindl commented & provided feedback 2 years ago
karma

works for me

User Icon mhayden commented & provided feedback 2 years ago
karma

No issues noted while building kernels.

This update has been submitted for batched by bodhi.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1608390 eu-strip might corrupted section header table
0
0
BZ#1623752 CVE-2018-16062 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file
0
0
BZ#1623753 CVE-2018-16062 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file [fedora-all]
0
0
BZ#1625050 CVE-2018-16402 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash
0
0
BZ#1625051 CVE-2018-16402 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash [fedora-all]
0
0
BZ#1625055 CVE-2018-16403 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash
0
0
BZ#1625056 CVE-2018-16403 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash [fedora-all]
0
0

Automated Test Results