OracleLinux 6 ELS: binutils package released
A new updated binutils package within OracleLinux OS 6 ELS is now available for download from our production repository.
CHANGELOG
binutils-2.20.51.0.2-5.48.0.3.
- Fix global buffer overflow (of size 1) (CVE-2017-7223)
- Fix invalid write (of size 1) while disassembling (CVE-2017-7224)
- Fix NULL pointer dereference and an invalid write (CVE-2017-7225)
- Fix heap-based buffer over-read of size 4049 (CVE-2017-7226)
- Fix heap-based buffer overflow (CVE-2017-7227)
- Fix invalid read (of size 8) in ELF reloc section (CVE-2017-7299)
- Fix heap-based buffer over-read (off-by-one) (CVE-2017-7300)
- Fix off-by-one vulnerability (CVE-2017-7301)
- Fix invalid read (of size 4) (CVE-2017-7302)
- Fix undefined behavior issue (CVE-2017-7614)
- Fix global buffer over-read error (CVE-2017-8393)
- Fix invalid read of size 4 due to NULL pointer dereferencing (CVE-2017-8394)
- Fix invalid read of size 1 during dumping of debug information (CVE-2017-8398)
- Fix memory leak vulnerability (CVE-2017-8421)
- Fix buffer overflow (CVE-2017-9742)
- Fix buffer overflow (CVE-2017-9744)
- Fix buffer overflow (CVE-2017-9747)
- Fix buffer overflow (CVE-2017-9748)
- Fix buffer overflow (CVE-2017-9749)
- Fix buffer overflow (CVE-2017-9753)
- Fix buffer overflow (CVE-2017-9754)
- Fix use after free (CVE-2017-12448)
- Fix out of bounds heap read (CVE-2017-12449)
- Fix out of bounds heap read (CVE-2017-12455)
- Fix NULL dereference (CVE-2017-12457)
- Fix out of bounds heap read (CVE-2017-12458)
- Fix out of bounds heap write (CVE-2017-12459)
- Fix out of bounds heap write (CVE-2017-12450)
- Fix out of bounds heap read (CVE-2017-12452)
- Fix out of bounds heap read (CVE-2017-12453)
- Fix arbitrary memory read (CVE-2017-12454)
- Fix out of bounds heap read (CVE-2017-12456)
- Fix integer overflow, and hang because of a time-consuming loop (CVE-2017-14333)
- Fix out of bounds stack read (CVE-2017-12451)
- Fix buffer overflow (CVE-2017-12799)
- Fix NULL pointer dereference (CVE-2017-13710)
- Fix _bfd_elf_attr_strdup heap-based buffer over-read (CVE-2017-14130)
- Fix infinite loop (CVE-2017-14932)
- Fix excessive memory allocation (CVE-2017-14938)
- Fix NULL pointer dereference (CVE-2017-14940)
- Fix parse_die heap-based buffer over-read (CVE-2017-15020)
- Fix bfd_hash_hash NULL pointer dereference (CVE-2017-15022)
- Fix divide-by-zero error (CVE-2017-15225)
- Fix find_abstract_instance_name invalid memory read, segmentation fault (CVE-2017-15938)
- Fix NULL pointer dereference (CVE-2017-15939)
- Fix buffer overflow on fuzzed archive header (CVE-2017-15996)
- Fix invalid memory access (CVE-2017-16826)
- Fix slurp_symtab invalid free (CVE-2017-16827)
- Fix integer overflow and heap-based buffer over-read (CVE-2017-16828)
- Fix integer overflow or excessive memory allocation (CVE-2017-16831)
- Fix bfd_getl32 heap-based buffer over-read (CVE-2017-17080)
- Fix invalid read of size 1 (CVE-2017-8396)
- Fix memory access violation (CVE-2017-17121)
- Fix NULL pointer dereference (CVE-2017-17123)
- Fix excessive memory consumption or heap-based buffer overflow (CVE-2017-17124)
- Fix buffer over-read (CVE-2017-17125)
UPDATE COMMAND
yum update binutils*