Ubuntu
elfutils package

Change log for elfutils package in Ubuntu

175 of 122 results FirstPreviousLast
Published in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
elfutils (0.190-1.1build4) noble; urgency=medium

  * No-change rebuild against libarchive13t64

 -- Steve Langasek <email address hidden>  Sun, 07 Apr 2024 07:06:10 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
elfutils (0.190-1.1build3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 00:56:22 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
elfutils (0.190-1.1build2) noble; urgency=medium

  * No-change rebuild against libcurl3t64-gnutls

 -- Steve Langasek <email address hidden>  Sat, 16 Mar 2024 06:51:29 +0000
Published in oracular-proposed 
elfutils (0.191-1) unstable; urgency=medium

  * New upstream version.
  * Add translations (it, sv). Closes: #1050108, #1049367.
  * Fix cross build failure (Helmut Grohne). Closes: #1057813.

 -- Matthias Klose <email address hidden>  Tue, 12 Mar 2024 11:42:59 +0100
Superseded in noble-proposed 
elfutils (0.190-1.1build1) noble; urgency=medium

  * No-change rebuild against libarchive13t64

 -- Steve Langasek <email address hidden>  Sat, 09 Mar 2024 07:20:39 +0000
Superseded in noble-proposed 
elfutils (0.190-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition.

 -- Michael Hudson-Doyle <email address hidden>  Thu, 29 Feb 2024 00:13:08 +0000

Available diffs

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
elfutils (0.190-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Thu, 16 Nov 2023 14:54:07 +0100

Available diffs

Published in focal-updates
Published in focal-security 
elfutils (0.176-1.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: infinite loop via a crafted file
    - debian/patches/CVE-2021-33294.patch: fix bounds checks and replace
      asserts with errors in src/readelf.c.
    - CVE-2021-33294
  * SECURITY UPDATE: heap-based buffer overwrite and reachable assertion
    - debian/patches/CVE-2020-21047.patch: fix bounds checks and replace
      asserts with errors in libcpu/i386_data.h and libcpu/i386_disasm.c.
    - CVE-2020-21047

 -- Camila Camargo de Matos <email address hidden>  Mon, 28 Aug 2023 14:26:02 -0300
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
elfutils (0.189-4) unstable; urgency=medium

  * Remove bashism in maintainer script. Closes: #999414.

 -- Matthias Klose <email address hidden>  Tue, 04 Jul 2023 11:37:16 +0200

Available diffs

Superseded in mantic-proposed 
elfutils (0.189-3) unstable; urgency=medium

  * libelf-dev: Depend on libzstd-dev. Closes: #1040071.

 -- Matthias Klose <email address hidden>  Sun, 02 Jul 2023 09:41:46 +0200

Available diffs

Superseded in mantic-proposed 
elfutils (0.189-2) unstable; urgency=medium

  * Use sh instead of bash in maintainer script. Closes: #999414.
  * Add Romanian debconf templates translation (Remus-Gabriel Chelu).
    Closes: #1031867.
  * Fix syntax in debian/copyright (Bastian Germann). Closes: #1032126.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Sat, 01 Jul 2023 13:35:22 +0200
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
elfutils (0.188-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Add debconf template translation
    - Dutch translation.
      Thanks to Frans Spiesschaert (Closes: #994141)
    - French translation.
      Thanks Jean-Pierre Giraud (Closes: #994667)
    - German translation.
      Thanks Helge Kreutzmann (Closes: #997891)
    - Portuguese translation.
      Thanks Américo Monteiro (Closes: #1001920)
    - Spanish translation.
      Thanks Camaleón (Closes: #1003517)
    - Brazilian Portuguese translation.
      Thanks Paulo Henrique de Lima Santana (Closes: #1025512)

 -- Helge Kreutzmann <email address hidden>  Sat, 14 Jan 2023 14:54:50 +0100

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
elfutils (0.188-2) unstable; urgency=medium

  [ Bastian Germann ]
  * d/copyright: Convert to machine-readable format, adding missing
    licenses.  (Closes: #1019937)

 -- Sergio Durigan Junior <email address hidden>  Wed, 21 Dec 2022 15:13:47 -0500

Available diffs

Published in jammy-backports 
elfutils (0.188-1~bpo22.04.1) jammy-backports; urgency=medium

  * Backport to Jammy (LP: #1997189).
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
elfutils (0.188-1) unstable; urgency=medium

  * New upstream release.
  * d/p/{hurd-hacks.diff,kfreebsd-debuginfod,kfreebsd-mremap-stub}:
    Refresh patches against new upstream version.
  * d/{libdebuginfod1,libdw1}.symbols: Add new symbols.
  * d/rules: Remove debuginfod.service.8 during installation.
    Currently, we don't install debuginfod.service.
  * Rename upstream's signing key file.
    - d/u/signing-key.asc: Rename from d/upstream-signing-key.pgp.
    - d/s/included-binaries: Remove.

 -- Sergio Durigan Junior <email address hidden>  Sun, 13 Nov 2022 20:52:25 -0500

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
elfutils (0.187-4) unstable; urgency=medium

  * Fix Ubuntu upgrade path for libdebuginfod-common. (LP: #1990638)
    - d/libdebuginfod-common.postinst: Split Ubuntu-specific code into a
      separate function.  Clean up ucf/ucfr configuration files when
      upgrading from libdebuginfod-common versions before 0.187-3.  Create
      links for the debuginfod shell snippets directly.
    - d/libdebuginfod-common.postrm: Handle Debian and Ubuntu purge
      differently.

 -- Sergio Durigan Junior <email address hidden>  Sat, 24 Sep 2022 16:34:05 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
elfutils (0.187-3) unstable; urgency=medium

  * Always install debuginfod shell snippets in Ubuntu.
    - d/libdebuginfod-common.config: Remove snippet to db_input the Ubuntu
      question.
    - d/libdebuginfod-common.postinst: Always install debuginfod shell
      snippets in Ubuntu.
    - d/libdebuginfod-common.templates: Remove
      libdebuginfod/useubuntudebuginfod question.

 -- Sergio Durigan Junior <email address hidden>  Wed, 21 Sep 2022 19:08:05 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
elfutils (0.187-2) unstable; urgency=medium

  * Pass --sysconfdir to configure and install elfutils.urls.
    - d/rules: Pass --sysconfdir to configure; don't delete elfutils.urls.
    - d/libdebuginfod-common.install: Adjust paths and install
      elfutils.urls.
  * d/rules: Cleanup debuginfod code and support Ubuntu's debuginfod.
  * d/libdebuginfod-common.templates: New question for Ubuntu's debuginfod.
  * d/libdebuginfod-common.config: Ask about Ubuntu's debuginfod.
  * d/libdebuginfod-common.post{inst,rm}: Cleanup code, fix problems
    and support Ubuntu.
    Thanks to наб <email address hidden> (Closes: #987787)

 -- Sergio Durigan Junior <email address hidden>  Fri, 02 Sep 2022 17:11:29 -0400

Available diffs

Superseded in jammy-backports 
elfutils (0.187-1~bpo22.04.1) jammy-backports; urgency=medium

  * Backport to Jammy. (LP: #1987356)

 -- Sergio Durigan Junior <email address hidden>  Mon, 22 Aug 2022 20:05:12 -0400
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
elfutils (0.187-1) unstable; urgency=medium

  * New upstream release.

 -- Matthias Klose <email address hidden>  Wed, 04 May 2022 01:08:42 +0200
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
elfutils (0.186-1build1) jammy; urgency=medium

  * No-change rebuild for ppc64el baseline bump.

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Wed, 23 Mar 2022 14:51:35 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
elfutils (0.186-1) unstable; urgency=medium

  * New upstream release.
  * Don't yet install elfutils.urls.
  * Update symbols file.

 -- Matthias Klose <email address hidden>  Wed, 17 Nov 2021 21:49:08 +0100

Available diffs

Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
elfutils (0.185-1build1) impish; urgency=medium

  * No-change rebuild to build packages with zstd compression.

 -- Matthias Klose <email address hidden>  Thu, 07 Oct 2021 12:11:10 +0200
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
elfutils (0.185-2) unstable; urgency=medium

  * Upload to unstable.

 -- Matthias Klose <email address hidden>  Sun, 15 Aug 2021 18:27:02 +0200
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
elfutils (0.185-1) experimental; urgency=medium

  * New upstream release.
  * Refresh patches.

 -- Matthias Klose <email address hidden>  Tue, 25 May 2021 20:31:36 +0200

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
elfutils (0.184-1) experimental; urgency=medium

  * New upstream release.

 -- Matthias Klose <email address hidden>  Mon, 17 May 2021 12:10:27 +0200

Available diffs

Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
elfutils (0.183-8) experimental; urgency=medium

  * libdebuginfod1: Relax dependency on libdebuginfod-common. Closes: #986375.
  * libdebuginfod-common: Update package description. Closes: #987036.
  * Always install the shell snippets into /etc/profile.d/.

 -- Matthias Klose <email address hidden>  Sat, 17 Apr 2021 09:58:41 +0200

Available diffs

Superseded in hirsute-proposed 
elfutils (0.183-7) experimental; urgency=medium

  [ Sergio Durigan Junior ]
  * d/rules: Populate binary-indep with proper build instructions.
  * d/control: Remove ${shlibs:Depends} from libdebuginfod-common.

  [ Matthias Klose ]
  * d/rules: Move dh_install to the install target.
  * d/rules: Add -a/-i options to the dh_ commands.

 -- Matthias Klose <email address hidden>  Thu, 15 Apr 2021 17:49:43 +0200

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
elfutils (0.183-6) experimental; urgency=medium

  * d/libdebuginfod-common.install: Remove file.
  * d/rules:
    Implement logic to decide whether to install the debuginfod shell
    snippets under /etc/profile.d/ based on the existence of a debuginfod
    service available for the current distribution.  This is needed mostly
    for Ubuntu and other derivatives which don't have debuginfod services
    available yet.

 -- Sergio Durigan Junior <email address hidden>  Fri, 26 Mar 2021 01:14:28 -0400

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
elfutils (0.183-5) experimental; urgency=medium

  * d/libdebuginfod-common.install:
    Install the debuginfod profile.d snippets under
    /usr/share/libdebuginfod-common/ instead of directly under
    /etc/profile.d/.
  * d/libdebuginfod-common.config:
    Check for the "debuginfod.sh" snippet under
    /usr/share/libdebuginfod-common/.
  * d/libdebuginfod-common.postinst:
    Perform modifications in the debuginfod shell snippets that now live
    under /usr/share/libdebuginfod-common/, before moving them (using ucf)
    to /etc/profile.d/. (Closes: #985044)
  * d/libdebuginfod-common.postrm:
    New postrm file which takes care of purging the debuginfod shell
    snippets under /etc/profile.d/.
  * d/control: Make libdebuginfod-common depend on ucf.

 -- Sergio Durigan Junior <email address hidden>  Fri, 19 Mar 2021 15:58:25 -0400

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
elfutils (0.183-4) experimental; urgency=medium

  * Apply KFreeBSD patches (Christoph Berg), not forwarded.
  * Fix build on the Hurd.

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
elfutils (0.183-1) unstable; urgency=medium

  * New upstream release. Changes compared to the snapshot:
    - backends/ppc_initreg.c: include <asm/ptrace.h>.
    - NEWS and version, and copyright updates.

 -- Matthias Klose <email address hidden>  Mon, 08 Feb 2021 09:56:24 +0100
Superseded in hirsute-proposed 
elfutils (0.182+20210205-1) unstable; urgency=high

  * Snapshot, taken three days before the 0.183 release. Create a source
    tarball using make dist.
  * Make the build reproducible (Helmut Grohne). Closes: #981835, #981924.

 -- Matthias Klose <email address hidden>  Fri, 05 Feb 2021 19:07:32 +0100
Superseded in hirsute-proposed 
elfutils (0.182+20210203-1.1) unstable; urgency=medium

  * Non-maintainer upload. Acked by Matthias Klose.
  * Make the build reproducible. (Closes: #981835)

 -- Helmut Grohne <email address hidden>  Thu, 04 Feb 2021 17:01:33 +0100
Superseded in hirsute-proposed 
elfutils (0.182+20210203-1) unstable; urgency=medium

  * Snapshot, taken five days before hte 0.183 release.
  * Update libdebuginfod1 symbols file.

 -- Matthias Klose <email address hidden>  Wed, 03 Feb 2021 14:59:12 +0100

Available diffs

Obsolete in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
elfutils (0.181-1ubuntu0.1) groovy; urgency=medium

  * debian/patches/elfutils-lp1908756-groovy.patch:
    IBM Z: Fix endianess problem in pid_memory_read
    backport from elfutils 0.182+
    - libdwfl/linux-pid-attach.c: shift the upper 4 bytes + down on big
      endian 64 bit targets
    - libdwfl/ChangeLog: updated the projects ChangeLog, too
    Thanks to Andreas Krebbel <email address hidden> (LP: #1908756)

 -- Frank Heimes <email address hidden>  Fri, 08 Jan 2021 09:49:33 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
elfutils (0.182-3) unstable; urgency=medium

  * Build with -flto-partition=none when building with -flto.
  * Stop building with -fpermissive.
  * tests/dwfl-proc-attach.c: Remove old glibc hack.

 -- Matthias Klose <email address hidden>  Wed, 06 Jan 2021 14:05:13 +0100

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
elfutils (0.182-2) unstable; urgency=medium

  * Fix FTCBFS: perform bootstrap build with dummy libdebuginfod and without
    debuginfod (Helmut Grohne). Closes: #973981.
  * Fix build profile pkg.elfutils.nodebuginfod. Closes: #976875.
  * Don't use MAKEFLAGS in the packaging. Closes: #965955.
  * Fix unwinding support for 32bit S390, taken from the trunk.
    Thanks to Andreas Krebbel and Frank Heimes. LP: #1908756.
  * Call dh_dwz.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Thu, 31 Dec 2020 12:52:31 +0100

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
elfutils (0.182-1) unstable; urgency=medium

  * New upstream release.
  * Fix typo in debian/copyright. Closes: #914414.
  * Add pkg.elfutils.nodebuginfod build profile (Helmut Grohne).
    Closes: #966705.

 -- Matthias Klose <email address hidden>  Sat, 07 Nov 2020 10:22:37 +0100

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
elfutils (0.181-1) unstable; urgency=medium

  * New upstream release.

 -- Matthias Klose <email address hidden>  Tue, 15 Sep 2020 22:31:59 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
elfutils (0.180-1) unstable; urgency=medium

  * Transfer to team maintenance, add Kurt Roeckx and myself as uploaders.
  * Add VCS attributes to the control file.
  * New upstream release.
  * Build-depend on pkg-config, libarchive-dev, libmicrohttpd-dev,
    libcurl4-gnutls-dev, libsqlite3-dev.
  * Build with -fpermissive.
  * Don't package debuginfod yet.
  * New binary packages debuginfod, libdebuginfod1, libdebuginfod-dev.
  * Use dh_autoreconf.

 -- Matthias Klose <email address hidden>  Thu, 16 Jul 2020 19:34:22 +0200
Superseded in groovy-proposed 
elfutils (0.180-0ubuntu2) groovy; urgency=medium

  * New binary packages debuginfod, libdebuginfod1, libdebuginfod-dev.

 -- Matthias Klose <email address hidden>  Sat, 25 Jul 2020 18:31:38 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
elfutils (0.180-0ubuntu1) groovy; urgency=medium

  * New upstream release.
  * Build-depend on pkg-config, libarchive-dev, libmicrohttpd-dev,
    libcurl4-gnutls-dev, libsqlite3-dev.
  * Build with -fpermissive.
  * Don't package debuginfod yet.

 -- Matthias Klose <email address hidden>  Thu, 16 Jul 2020 13:56:18 +0200

Available diffs

Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
elfutils (0.176-1.1build1) focal; urgency=medium

  * No-change rebuild to restore the i386 binaries.

 -- Matthias Klose <email address hidden>  Mon, 06 Jan 2020 22:37:54 +0100
Published in xenial-updates
Published in xenial-security 
elfutils (0.165-3ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via a crafted file
    - debian/patches/CVE-2018-16062.patch: make sure there is enough data
      to read full aranges header in libdw/dwarf_getaranges.c,
      src/readelf.c.
    - CVE-2018-16062
  * SECURITY UPDATE: double free and application crash
    - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu
      is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c,
      libelf/libelf.h.
    - CVE-2018-16402
  * SECURITY UPDATE: incorrect end of the attributes list check
    - debian/patches/CVE-2018-16403.patch: check end of attributes list
      consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c.
    - CVE-2018-16403
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18310.patch: sanity check partial core file
      data reads in libdwfl/dwfl_segment_report_module.c.
    - CVE-2018-18310
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in
      src/size.c.
    - CVE-2018-18520
  * SECURITY UPDATE: divide by zero vulnerabilties
    - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero
      in src/arlib.c.
    - CVE-2018-18521
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in
      dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c,
      src/readelf.c.
    - CVE-2019-7149
  * SECURITY UPDATE: incorrect truncated dyn data read handling
    - debian/patches/CVE-2019-7150.patch: sanity check partial core file
      dyn data read in libdwfl/dwfl_segment_report_module.c.
    - CVE-2019-7150
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
      contain a zero terminated string in libdwfl/linux-core-attach.c,
      libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
    - CVE-2019-7665

 -- Marc Deslauriers <email address hidden>  Fri, 07 Jun 2019 12:37:02 -0400
Published in bionic-updates
Published in bionic-security 
elfutils (0.170-0.4ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via a crafted file
    - debian/patches/CVE-2018-16062.patch: make sure there is enough data
      to read full aranges header in libdw/dwarf_getaranges.c,
      src/readelf.c.
    - CVE-2018-16062
  * SECURITY UPDATE: double free and application crash
    - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu
      is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c,
      libelf/libelf.h.
    - CVE-2018-16402
  * SECURITY UPDATE: incorrect end of the attributes list check
    - debian/patches/CVE-2018-16403.patch: check end of attributes list
      consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c.
    - CVE-2018-16403
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18310.patch: sanity check partial core file
      data reads in libdwfl/dwfl_segment_report_module.c.
    - CVE-2018-18310
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in
      src/size.c.
    - CVE-2018-18520
  * SECURITY UPDATE: divide by zero vulnerabilties
    - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero
      in src/arlib.c.
    - CVE-2018-18521
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in
      dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c,
      src/readelf.c.
    - CVE-2019-7149
  * SECURITY UPDATE: incorrect truncated dyn data read handling
    - debian/patches/CVE-2019-7150.patch: sanity check partial core file
      dyn data read in libdwfl/dwfl_segment_report_module.c.
    - CVE-2019-7150
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
      contain a zero terminated string in libdwfl/linux-core-attach.c,
      libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
    - CVE-2019-7665

 -- Marc Deslauriers <email address hidden>  Fri, 07 Jun 2019 11:31:15 -0400
Obsolete in cosmic-updates
Obsolete in cosmic-security 
elfutils (0.170-0.5.0ubuntu1.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: DoS via a crafted file
    - debian/patches/CVE-2018-16062.patch: make sure there is enough data
      to read full aranges header in libdw/dwarf_getaranges.c,
      src/readelf.c.
    - CVE-2018-16062
  * SECURITY UPDATE: double free and application crash
    - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu
      is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c,
      libelf/libelf.h.
    - CVE-2018-16402
  * SECURITY UPDATE: incorrect end of the attributes list check
    - debian/patches/CVE-2018-16403.patch: check end of attributes list
      consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c.
    - CVE-2018-16403
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18310.patch: sanity check partial core file
      data reads in libdwfl/dwfl_segment_report_module.c.
    - CVE-2018-18310
  * SECURITY UPDATE: invalid memory address dereference
    - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in
      src/size.c.
    - CVE-2018-18520
  * SECURITY UPDATE: divide by zero vulnerabilties
    - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero
      in src/arlib.c.
    - CVE-2018-18521
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in
      dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c,
      src/readelf.c.
    - CVE-2019-7149
  * SECURITY UPDATE: incorrect truncated dyn data read handling
    - debian/patches/CVE-2019-7150.patch: sanity check partial core file
      dyn data read in libdwfl/dwfl_segment_report_module.c.
    - CVE-2019-7150
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
      contain a zero terminated string in libdwfl/linux-core-attach.c,
      libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
    - CVE-2019-7665

 -- Marc Deslauriers <email address hidden>  Fri, 07 Jun 2019 11:03:46 -0400
Superseded in focal-proposed
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
elfutils (0.176-1.1) unstable; urgency=medium

  * Non-maintainer upload with maintainer permission
  * Fixes FTBFS on riscv64 (Closes: #928832)

 -- Karsten Merker <email address hidden>  Tue, 28 May 2019 20:53:12 +0200

Available diffs

Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
elfutils (0.176-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2019-7150 (Closes: #920909)
    - Fixes CVE-2019-7149 (Closes: #920910)
    - Fixes CVE-2019-7146 (Closes: #920911)
    - Fixes CVE-2019-7665 (Closes: #921880)
    - Fixes CVE-2019-7664 (Closes: #921881)
    - Fixes CVE-2019-7148
    - Drop 0001-tests-Call-test_cleanup-in-backtrace-subr.sh-check_u.patch,
      applied upstream.
  * Update upstream PGP key to new one

 -- Kurt Roeckx <email address hidden>  Sat, 16 Feb 2019 14:54:50 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
elfutils (0.175-2) unstable; urgency=medium

  * Add support for the mips ABI CFI callback
  * Properly clean up in test suite on skipped tests

 -- Kurt Roeckx <email address hidden>  Sun, 30 Dec 2018 15:02:01 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
elfutils (0.175-1) unstable; urgency=medium

  * New upstream release
    - Build with gcc-8 (Closes: #911276)
    - Drop fix-gcc7-ftbfs.diff
    - Drop GNU_variable_value.patch
    - Drop locviews.patch
    - Update patches
  * Fixes CVE-2018-18521 (Closes: #911413)
  * Fixes CVE-2018-18520 (Closes: #911414)
  * Fixes CVE-2018-18310 (Closes: #911083)
  * Fixes CVE-2018-16403
  * Fixes CVE-2018-16402
  * Fixes CVE-2018-16062 (Closes: #907562)

 -- Kurt Roeckx <email address hidden>  Sun, 18 Nov 2018 23:01:23 +0100
Superseded in cosmic-updates
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
Deleted in cosmic-proposed (Reason: moved to -updates) 
elfutils (0.170-0.5.0ubuntu1) cosmic; urgency=medium

  * Add d/patches/0001-aarch64-Add-default-cfi-rule-to-restore-SP-from-CFA-.patch
    to fix walking the stack of arm64 binaries compiled with GCC 8. (LP: #1798700)

 -- Michael Hudson-Doyle <email address hidden>  Thu, 18 Oct 2018 20:06:01 +1300
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
elfutils (0.170-0.5) unstable; urgency=medium

  * Non-maintainer upload acked by Kurt Roeckx.
  * Fix FTCBFS: Add zlib1g-dev:native to Build-Depends. (Closes: #901748)

 -- Helmut Grohne <email address hidden>  Sun, 24 Jun 2018 20:54:50 +0200

Available diffs

Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
elfutils (0.170-0.4) unstable; urgency=medium

  * Non-maintainer upload.
  * Backport patches for DWARF locview support (Mark Wielaard).

 -- Matthias Klose <email address hidden>  Mon, 09 Apr 2018 14:21:19 +0200

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
elfutils (0.170-0.3) unstable; urgency=medium

  * Non-maintainer upload.
  * Add disable_werror.patch. (Closes: #886004)

 -- Helmut Grohne <email address hidden>  Sun, 28 Jan 2018 14:52:20 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
elfutils (0.170-0.2) unstable; urgency=medium

  * Non-maintainer upload, acked by maintainer.
  * libelf-dev,libdw-dev: Add missing dependencies for packages that
    our pkg-config files requires (zlib1g-dev, liblzma-dev).
    (Closes: #885071)

 -- Andreas Henriksson <email address hidden>  Sat, 30 Dec 2017 18:14:17 +0100

Available diffs

Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
elfutils (0.170-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * New upstream release
  * Fix fallthrough warnings exposed by GCC 7. Closes: #853387.
  * Bump standards version.
  * Configure with --disable-silent-rules.
  * Update libdw1 symbols file.

 -- Matthias Klose <email address hidden>  Tue, 12 Sep 2017 00:07:19 +0200
Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
elfutils (0.170-0ubuntu2) artful; urgency=medium

  * New upstream release
  * Fix fallthrough warnings exposed by GCC 7. Closes: #853387.
  * Bump standards version.
  * Configure with --disable-silent-rules.
  * Update libdw1 symbols file.

 -- Matthias Klose <email address hidden>  Wed, 06 Sep 2017 09:14:27 +0200
Superseded in artful-proposed 
elfutils (0.170-0ubuntu1) artful; urgency=medium

  * New upstream release
  * Fix fallthrough warnings exposed by GCC 7. Closes: #853387.
  * Bump standards version.
  * Configure with --disable-silent-rules.
  * Update libdw1 symbols file.

 -- Matthias Klose <email address hidden>  Wed, 06 Sep 2017 09:14:27 +0200
Superseded in artful-proposed 
elfutils (0.168-1) unstable; urgency=medium

  * Fix CVE-2017-7607 (Closes: #859996)
  * Fix CVE-2017-7608 (Closes: #859995)
  * Fix CVE-2017-7609 (Closes: #859994)
  * Fix CVE-2017-7610 (Closes: #859993)
  * Fix CVE-2017-7611 (Closes: #859992)
  * Fix CVE-2017-7612 (Closes: #859991)
  * Fix CVE-2017-7613 (Closes: #859990)

 -- Kurt Roeckx <email address hidden>  Sat, 27 May 2017 15:05:37 +0200

Available diffs

Published in trusty-updates
Published in trusty-security 
elfutils (0.158-0ubuntu5.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading
      an ELF file for sanity checks. Based on upstream patch.
    - CVE-2016-10254
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2016-10255.patch: Sanity check offset and size before
      trying to malloc and read data. Based on upstream patch.
    - CVE-2016-10255
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7607-1.patch: Sanity check hash section contents
      before processing. Based on upstream patch.
    - debian/patches/CVE-2017-7607-2.patch: Fix off by one sanity check in
      handle_gnu_hash. Based on upstream patch.
    - CVE-2017-7607
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7608.patch: Use the empty string for note names
      with zero size. Based on upstream patch.
    - CVE-2017-7608
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7610.patch: Don't check section group without
      flags word. Based on upstream patch.
    - CVE-2017-7610
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7611.patch: Check symbol table data is big
      enough before checking. Based on upstream patch.
    - CVE-2017-7611
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking
      hash sections. Based on upstream patch.
    - CVE-2017-7612
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and
      shdrs available. Based on upstream patch.
    - CVE-2017-7613

 -- Tyler Hicks <email address hidden>  Wed, 17 May 2017 23:27:15 +0000
Superseded in xenial-updates
Superseded in xenial-security 
elfutils (0.165-3ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading
      an ELF file for sanity checks. Based on upstream patch.
    - CVE-2016-10254
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2016-10255.patch: Sanity check offset and size before
      trying to malloc and read data. Based on upstream patch.
    - CVE-2016-10255
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7607.patch: Fix off by one sanity check in
      handle_gnu_hash. Based on upstream patch.
    - CVE-2017-7607
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7608.patch: Use the empty string for note names
      with zero size. Based on upstream patch.
    - CVE-2017-7608
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2017-7609.patch: Check compression ratio before
      trying to allocate output buffer. Based on upstream patch.
    - CVE-2017-7609
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7610.patch: Don't check section group without
      flags word. Based on upstream patch.
    - CVE-2017-7610
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7611.patch: Check symbol table data is big
      enough before checking. Based on upstream patch.
    - CVE-2017-7611
  * SECURITY UPDATE: Denial of service via invalid memory read when handling
    crafted ELF files
    - debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking
      hash sections. Based on upstream patch.
    - CVE-2017-7612
  * SECURITY UPDATE: Denial of service via memory consumption when handling
    crafted ELF files
    - debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and
      shdrs available. Based on upstream patch.
    - CVE-2017-7613

 -- Tyler Hicks <email address hidden>  Wed, 17 May 2017 23:27:15 +0000
Superseded in artful-proposed
Deleted in zesty-proposed (Reason: Moved to artful-proposed) 
elfutils (0.168-0.2) unstable; urgency=medium

  * debian/copyright: Update to the current licensing, as introduced
    with elfutils 0.154.
  * Drop the m68k_backend.diff patch.

 -- Matthias Klose <email address hidden>  Thu, 29 Dec 2016 14:23:54 +0100
Superseded in artful-release
Obsolete in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
elfutils (0.166-2ubuntu1) yakkety; urgency=medium

  * Don't run the run-backtrace-native-biarch test.

 -- Matthias Klose <email address hidden>  Wed, 10 Aug 2016 13:17:23 +0200
Superseded in yakkety-proposed 
elfutils (0.166-2) unstable; urgency=medium

  * Actually add ignore_strmerge.diff to the patch series.

 -- Kurt Roeckx <email address hidden>  Sat, 23 Jul 2016 18:46:20 +0200
Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
elfutils (0.165-3ubuntu1) xenial; urgency=medium

  * Fix finding the debug info for Ubuntu kernels (Mark Wielaard). LP: #1537125.

 -- Matthias Klose <email address hidden>  Fri, 19 Feb 2016 16:57:49 +0100
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
elfutils (0.165-3) unstable; urgency=medium

  * Add patches from Mark Wielaard to fix non-Linux issues.

 -- Kurt Roeckx <email address hidden>  Sat, 16 Jan 2016 17:53:34 +0100

Available diffs

Superseded in xenial-proposed 
elfutils (0.165-2) unstable; urgency=medium

  * Make the new libelf.h work with older elf.h from glibc (Closes: #810885)

 -- Kurt Roeckx <email address hidden>  Wed, 13 Jan 2016 17:50:08 +0100

Available diffs

Superseded in xenial-proposed 
elfutils (0.165-1) unstable; urgency=medium

  * New upstream release
  * Install libelf.pc and libdw.pc file.
  * Update libelf1.symbols and libdw1.symbols with 0.165 version

 -- Kurt Roeckx <email address hidden>  Mon, 11 Jan 2016 21:28:32 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
elfutils (0.164-1) unstable; urgency=medium

  * New upstream release
    - Fixes sparc64 issues (Closes: #805630)
    - Drop patches applied upstream: 0001-Reduce-scope-of-some-includes.patch, 
      0002-tests-Mark-an-unused-argument-as-such.patch,
      0003-tests-dwfl-bug-fd-leak-Guard-against-null-module-add.patch,
      0004-tests-skip-run-deleted.sh-when-dwfl_linux_proc_attac.patch,
      pr18792.diff
    - Remove redhat-portability.diff and scanf-format.patch
    - Update backend to use to stop using the old-style function
      definition: hppa_backend.diff, m68k_backend.diff, mips_backend.diff

 -- Kurt Roeckx <email address hidden>  Sat, 26 Dec 2015 20:55:48 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
elfutils (0.163-5.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix finding the detached debug info when no build-id's are used.
    Closes: #795386.

 -- Matthias Klose <email address hidden>  Fri, 14 Aug 2015 12:25:05 +0200
Superseded in xenial-release
Obsolete in wily-release
Deleted in wily-proposed (Reason: moved to release) 
elfutils (0.163-4ubuntu1) wily; urgency=medium

  * Disable the 0003-Add-mips-n64-relocation-format-hack patch (thanks
    to Mark Wielaard). See #794488.

 -- Matthias Klose <email address hidden>  Sat, 08 Aug 2015 12:04:39 +0200
Superseded in wily-release
Deleted in wily-proposed (Reason: moved to release) 
elfutils (0.163-4) unstable; urgency=medium

  * More fixes for kfreebsd and hurd

 -- Kurt Roeckx <email address hidden>  Tue, 21 Jul 2015 11:39:55 +0000
Superseded in wily-release
Obsolete in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
elfutils (0.160-0ubuntu3) vivid; urgency=medium

  * SECURITY UPDATE: Directory traversal via crafted ar archive (LP: #1414206)
    - debian/patches/CVE-2014-9447.patch: Prevent root directory traversal
      while extracting ar archives
    - CVE-2014-9447
 -- Tyler Hicks <email address hidden>   Fri, 23 Jan 2015 16:24:20 -0600

Available diffs

Obsolete in utopic-updates
Obsolete in utopic-security 
elfutils (0.160-0ubuntu2.1) utopic-security; urgency=medium

  * SECURITY UPDATE: Directory traversal via crafted ar archive
    - debian/patches/CVE-2014-9447.patch: Prevent root directory traversal
      while extracting ar archives
    - CVE-2014-9447
 -- Tyler Hicks <email address hidden>   Tue, 20 Jan 2015 15:22:49 -0600

Available diffs

175 of 122 results FirstPreviousLast