CentOS 6 ELS: binutils package gradual rollout - TuxCare

CentOS 6 ELS: binutils package gradual rollout

TuxCare Team

December 16, 2021

changelog

A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

Rollout slot: 2
Rolled out to: 0.1%
ETA for 100% rollout: December 30

CHANGELOG

binutils 2.20.51.0.2-5.48.1.el6.tuxcare.els3

  • CVE-2018-6323: Fix unsigned integer overflow
  • CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in
  • CVE-2018-6543: Fix integer overflow
  • CVE-2018-20671: Fix integer overflow vulnerability
  • CVE-2018-6759: Fix segmentation fault
  • CVE-2018-7208: Fix segmentation fault
  • CVE-2018-7568: Fix integer overflow
  • CVE-2018-7569: Fix integer underflow or overflow
  • CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference
  • CVE-2018-7643: Fix integer overflow
  • CVE-2018-8945: Fix segmentation fault
  • CVE-2018-13033: Fix excessive memory allocation
  • CVE-2018-10373: Fix NULL pointer dereference
  • CVE-2018-10535: Fix NULL pointer dereference
  • CVE-2018-18309: Fix invalid memory address dereference
  • CVE-2018-18605: Fix mishandles section merges
  • CVE-2018-18606: Fix NULL pointer dereference
  • CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd
  • CVE-2018-19932: Fix integer overflow and infinite loop
  • CVE-2018-20002: Fix memory consumption
  • CVE-2018-20623: Fix use-after-free in the error function
  • CVE-2018-1000876: Fix integer overflow trigger heap overflow
  • CVE-2019-9073: Fix excessive memory allocation
  • CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap
  • CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific
  • CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt
  • CVE-2019-14444: Fix integer overflow
  • CVE-2019-17450: Fix infinite recursion
  • CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c
  • CVE-2016-4487: Fix use-after-free vulnerability in libiberty
  • CVE-2016-4488: Fix use-after-free vulnerability in libiberty
  • CVE-2016-4489: Fix integer overflow in libiberty
  • CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty
  • CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty
  • CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal
  • CVE-2016-6131: Fix infinite loop, stack overflow

UPDATE COMMAND

yum update binutils*

IMMEDIATE UPDATE (VIA BYPASS)

yum update binutils* --enablerepo=ELS6-rollout-2-bypass

 

Like what you're reading?
Get Important Content In Your Inbox.

Stay updated with the latest news and announcements from TuxCare.com

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching