Format: 1.8 Date: Mon, 22 May 2023 12:48:33 +0530 Source: binutils Built-For-Profiles: noudeb Architecture: source Version: 2.38-4ubuntu2.2 Distribution: jammy-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Nishit Majithia Changes: binutils (2.38-4ubuntu2.2) jammy-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overflow vulnerability - debian/patches/CVE-2023-1972.patch: Fix an illegal memory access when an accessing a zer0-lengthverdef table. - CVE-2023-1972 * SECURITY UPDATE: out-of-bound read vulnerability - debian/patches/CVE-2023-25584.patch: Lack of bounds checking in vms-alpha.c parse_module - CVE-2023-25584 * SECURITY UPDATE: segmentation fault due to uninitialized `file_table` - debian/patches/CVE-2023-25585.patch: Use bfd_zmalloc to alloc file_table - CVE-2023-25585 * SECURITY UPDATE: segmentation fault due to uninitialized `the_bfd` - debian/patches/CVE-2023-25588.patch: Field `the_bfd` of `asymbol` is uninitialised - CVE-2023-25588 Checksums-Sha1: 9f815eda0c17da2ff0adf72ea38e33ac1991c8cf 8731 binutils_2.38-4ubuntu2.2.dsc 0956263cfa7bfe21ee7b3ac664a5eee5ada7b8ef 293072 binutils_2.38-4ubuntu2.2.debian.tar.xz 38d2bee8f90b1511e5e476bfd87bdce454d38c94 23555 binutils_2.38-4ubuntu2.2_source.buildinfo Checksums-Sha256: 9eba1e2f9e50f6dcc66dde3a38cded6a86ce9b02fec2356eb3c71e1ca07c58e4 8731 binutils_2.38-4ubuntu2.2.dsc 02beacdf822e6a004b8c2c6606d84a23b8dfbced21468e2e90693ae548d1e944 293072 binutils_2.38-4ubuntu2.2.debian.tar.xz 99b5bc81bbe2879dc697283ab50ad76d407d5c2057a317290af136921b41369a 23555 binutils_2.38-4ubuntu2.2_source.buildinfo Files: f391b1056f0516bc4fe0e883c53530a4 8731 devel optional binutils_2.38-4ubuntu2.2.dsc 0141aa753f5343c6cb724fa3275d562b 293072 devel optional binutils_2.38-4ubuntu2.2.debian.tar.xz 0bbac013349d5e6ac3e68e3a7a116f12 23555 devel optional binutils_2.38-4ubuntu2.2_source.buildinfo Original-Maintainer: Matthias Klose