UBUNTU 16.04 ELS: binutils package released

TuxCare Team

October 20, 2021

changelog, Ubuntu16.04 ELS

els_update_cover

A new updated binutils package within Ubuntu 16.04 ELS is now available for download from our production repository.

CHANGELOG

binutils-2.26.1-1ubuntu1~16.04.10

  • Fix integer overflow in the string_appends function in cplus-dem.c (CVE-2016-2226)
  • Fix use-after-free vulnerability in libiberty (CVE-2016-4487)
  • Fix use-after-free vulnerability in libiberty (CVE-2016-4488)
  • Fix integer overflow in libiberty (CVE-2016-4489)
  • Fix integer overflow in cp-demangle.c in libiberty (CVE-2016-4490)
  • Fix buffer overflow in the do_type function in cplus-dem.c in libiberty (CVE-2016-4492)
  • Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal (CVE-2016-4493)
  • Fix infinite loop, stack overflow (CVE-2016-6131)
  • Fix infinite recursion and a buffer overflow (CVE-2016-4491)
  • Fix heap-based buffer overflow (CVE-2017-6965)
  • Fix read-after-free vulnerability (CVE-2017-6966)
  • Fix heap-based buffer over-read (CVE-2017-6969)
  • Fix accesses to NULL pointer (CVE-2017-7209)
  • Fix multiple heap-based buffer over-reads (of size 1 and size 8) (CVE-2017-7210)
  • Fix global buffer overflow (of size 1) (CVE-2017-7223)
  • Fix invalid write (of size 1) while disassembling (CVE-2017-7224)
  • Fix NULL pointer dereference and an invalid write (CVE-2017-7225)
  • Fix heap-based buffer over-read of size 4049 (CVE-2017-7226)
  • Fix heap-based buffer overflow (CVE-2017-7227)
  • Fix invalid read (of size 8) in ELF reloc section (CVE-2017-7299)
  • Fix heap-based buffer over-read (off-by-one) (CVE-2017-7300)
  • Fix off-by-one vulnerability (CVE-2017-7301)
  • Fix invalid read (of size 4) (CVE-2017-7302)
  • Fix undefined behavior issue (CVE-2017-7614)
  • Fix global buffer over-read error (CVE-2017-8393)
  • Fix invalid read of size 4 due to NULL pointer dereferencing (CVE-2017-8394)
  • Fix invalid write of size 8 (CVE-2017-8395)
  • Fix invalid read of size 1 and an invalid write of size 1 (CVE-2017-8397)
  • Fix invalid read of size 1 (CVE-2017-8396)
  • Fix invalid read of size 1 during dumping of debug information (CVE-2017-8398)
  • Fix memory leak vulnerability (CVE-2017-8421)
  • Fix heap-based buffer over-read (CVE-2017-9038)
  • Fix memory consumption (CVE-2017-9039)
  • Fix NULL pointer dereference (CVE-2017-9040)
  • Fix application crash (CVE-2017-9042)
  • Fix heap-based buffer over-read (CVE-2017-9041)
  • Fix invalid read and SEGV (CVE-2017-9044)
  • Fix buffer overflow (CVE-2017-9742)
  • Fix buffer overflow (CVE-2017-9744)
  • Fix buffer overflow (CVE-2017-9752)
  • Fix buffer overflow (CVE-2017-9745)
  • Fix buffer overflow (CVE-2017-9746)
  • Fix buffer overflow (CVE-2017-9747)
  • Fix buffer overflow (CVE-2017-9748)
  • Fix buffer overflow (CVE-2017-9749)
  • Fix buffer overflow (CVE-2017-9750)
  • Fix buffer overflow (CVE-2017-9751)
  • Fix buffer overflow (CVE-2017-9753)
  • Fix buffer overflow (CVE-2017-9754)
  • Fix buffer overflow (CVE-2017-9755)
  • Fix buffer overflow (CVE-2017-9756)
  • Fix stack-based buffer over-read (CVE-2017-9954)
  • Fix use after free (CVE-2017-12448)
  • Fix out of bounds heap read (CVE-2017-12449)
  • Fix out of bounds heap read (CVE-2017-12455)
  • Fix NULL dereference (CVE-2017-12457)
  • Fix out of bounds heap read (CVE-2017-12458)
  • Fix out of bounds heap write (CVE-2017-12459)
  • Fix out of bounds heap write (CVE-2017-12450)
  • Fix out of bounds heap read (CVE-2017-12452)
  • Fix out of bounds heap read (CVE-2017-12453)
  • Fix arbitrary memory read (CVE-2017-12454)
  • Fix out of bounds heap read (CVE-2017-12456)
  • Fix integer overflow, and hang because of a time-consuming loop (CVE-2017-14333)
  • Fix out of bounds stack read (CVE-2017-12451)
  • Fix buffer overflow (CVE-2017-12799)
  • Fix stack-based buffer over-read (CVE-2017-12967)
  • Fix NULL pointer dereference (CVE-2017-13710)
  • Fix read_1_byte heap-based buffer over-read (CVE-2017-14128)
  • Fix parse_comp_unit heap-based buffer over-read (CVE-2017-14129)
  • Fix _bfd_elf_attr_strdup heap-based buffer over-read (CVE-2017-14130)
  • Fix heap-based buffer over-read (CVE-2017-14529)
  • Fix memory consumption (CVE-2017-14930)
  • Fix infinite loop (CVE-2017-14932)
  • Fix excessive memory allocation (CVE-2017-14938)
  • Fix heap-based buffer over-read (CVE-2017-14939)
  • Fix NULL pointer dereference (CVE-2017-14940)
  • Fix parse_die heap-based buffer over-read (CVE-2017-15020)
  • Fix heap-based buffer over-read (CVE-2017-15021)
  • Fix bfd_hash_hash NULL pointer dereference (CVE-2017-15022)
  • Fix infinite recursion (CVE-2017-15024)
  • Fix divide-by-zero error (CVE-2017-15025)
  • Fix memory leak (CVE-2017-15225)
  • Fix find_abstract_instance_name invalid memory read, segmentation fault (CVE-2017-15938)
  • Fix NULL pointer dereference (CVE-2017-15939)
  • Fix buffer overflow on fuzzed archive header (CVE-2017-15996)
  • Fix invalid memory access (CVE-2017-16826)
  • Fix slurp_symtab invalid free (CVE-2017-16827)
  • Fix integer overflow and heap-based buffer over-read (CVE-2017-16828)
  • Fix integer overflow or excessive memory allocation (CVE-2017-16831)
  • Fix segmentation violation (CVE-2017-16832)
  • Fix bfd_getl32 heap-based buffer over-read (CVE-2017-17080)
  • Fix memory access violation (CVE-2017-17121)
  • Fix NULL pointer dereference (CVE-2017-17123)
  • Fix excessive memory consumption or heap-based buffer overflow (CVE-2017-17124)
  • Fix unsigned integer overflow (CVE-2018-6323)
  • Fix integer overflow (CVE-2018-6543)
  • Fix segmentation fault (CVE-2018-6759)
  • Fix segmentation fault (CVE-2018-7208)
  • Fix integer overflow (CVE-2018-7568)
  • Fix integer underflow or overflow (CVE-2018-7569)
  • Fix aout_32_swap_std_reloc_out NULL pointer dereference (CVE-2018-7642)
  • Fix integer overflow (CVE-2018-7643)
  • Fix segmentation fault (CVE-2018-8945)
  • Fix excessive memory allocation (CVE-2018-13033)
  • Fix stack exhaustion (CVE-2018-9138)
  • Fix stack exhaustion (CVE-2018-12641)
  • Fix NULL pointer dereference (CVE-2018-12697)
  • Fix memory consumption (CVE-2018-12698)
  • Fix heap-based buffer overflow (CVE-2018-12699)
  • Fix infinite recursion (CVE-2018-12700)
  • Fix NULL pointer dereference (CVE-2018-17794)
  • Fix recursive calls (CVE-2018-17985)
  • Fix stack exhaustion (CVE-2018-18484)
  • Fix stack consumption vulnerability (CVE-2018-18700)
  • Fix infinite recursion (CVE-2018-18701)
  • Fix heap-based buffer over-read (CVE-2018-10372)
  • Fix NULL pointer dereference (CVE-2018-10373)
  • Fix out-of-bounds memory write (CVE-2018-10534)
  • Fix NULL pointer dereference (CVE-2018-10535)
  • Fix excessive memory consumption (CVE-2018-12934)
  • Fix malloc call with the result of an integer-overflowing calculation (CVE-2018-18483)
  • Fix invalid memory access (CVE-2018-17358)
  • Fix invalid memory access (CVE-2018-17359)
  • Fix heap-based buffer over-read in bfd_getl32 (CVE-2018-17360)
  • Fix invalid memory address dereference (CVE-2018-18309)
  • Fix mishandles section merges (CVE-2018-18605)
  • Fix NULL pointer dereference (CVE-2018-18606)
  • Fix NULL pointer dereference in elf_link_input_bfd (CVE-2018-18607)
  • Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in (CVE-2018-19931)
  • Fix integer overflow and infinite loop (CVE-2018-19932)
  • Fix memory consumption (CVE-2018-20002)
  • Fix use-after-free in the error function (CVE-2018-20623)
  • Fix integer overflow vulnerability (CVE-2018-20671)
  • Fix integer overflow trigger heap overflow (CVE-2018-1000876)
  • Fix buffer over-read (CVE-2017-17125)
  • Fix excessive memory allocation (CVE-2019-9073)
  • Fix out-of-bounds read (CVE-2019-9074)
  • Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap (CVE-2019-9075)
  • Fix heap-based buffer overflow in process_mips_specific (CVE-2019-9077)
  • Fix heap-based buffer over-read in d_expression_1 (CVE-2019-9070)
  • Fix stack consumption issue in d_count_templates_scopes (CVE-2019-9071)
  • Fix heap-based buffer over-read in _bfd_doprnt (CVE-2019-12972)
  • Fix integer overflow and resultant heap-based buffer overflow (CVE-2019-14250)
  • Fix integer overflow (CVE-2019-14444)
  • Fix infinite recursion (CVE-2019-17450)
  • Fix integer overflow (CVE-2019-17451)

UPDATE COMMAND

apt-get update
apt-get --only-upgrade install binutils*

 

 

Stay in the Loop