elfutils 0.165-3ubuntu1.1 source package in Ubuntu
Changelog
elfutils (0.165-3ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading
an ELF file for sanity checks. Based on upstream patch.
- CVE-2016-10254
* SECURITY UPDATE: Denial of service via memory consumption when handling
crafted ELF files
- debian/patches/CVE-2016-10255.patch: Sanity check offset and size before
trying to malloc and read data. Based on upstream patch.
- CVE-2016-10255
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7607.patch: Fix off by one sanity check in
handle_gnu_hash. Based on upstream patch.
- CVE-2017-7607
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7608.patch: Use the empty string for note names
with zero size. Based on upstream patch.
- CVE-2017-7608
* SECURITY UPDATE: Denial of service via memory consumption when handling
crafted ELF files
- debian/patches/CVE-2017-7609.patch: Check compression ratio before
trying to allocate output buffer. Based on upstream patch.
- CVE-2017-7609
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7610.patch: Don't check section group without
flags word. Based on upstream patch.
- CVE-2017-7610
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7611.patch: Check symbol table data is big
enough before checking. Based on upstream patch.
- CVE-2017-7611
* SECURITY UPDATE: Denial of service via invalid memory read when handling
crafted ELF files
- debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking
hash sections. Based on upstream patch.
- CVE-2017-7612
* SECURITY UPDATE: Denial of service via memory consumption when handling
crafted ELF files
- debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and
shdrs available. Based on upstream patch.
- CVE-2017-7613
-- Tyler Hicks <email address hidden> Wed, 17 May 2017 23:27:15 +0000
Upload details
- Uploaded by:
- Tyler Hicks
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| elfutils_0.165.orig.tar.bz2 | 6.2 MiB | a7fc9277192caaa5f30b47e8c0518dbcfd8c4a19c6493a63d511d804290ce972 |
| elfutils_0.165-3ubuntu1.1.debian.tar.xz | 44.7 KiB | d4b0840dab750dc258d09c4b37d8ab1180d1ef818e617d641897660de004d648 |
| elfutils_0.165-3ubuntu1.1.dsc | 2.3 KiB | 7a5fdcf2a4787423435f40cbfc5c98978f55faab530a4eec2f00913af8103ec9 |
Available diffs
Binary packages built by this source
- elfutils: collection of utilities to handle ELF objects
Elfutils is a collection of utilities, including eu-ld (a linker),
eu-nm (for listing symbols from object files), eu-size (for listing the
section sizes of an object or archive file), eu-strip (for discarding
symbols), eu-readelf (to see the raw ELF file structures), and eu-elflint
(to check for well-formed ELF files).
- elfutils-dbgsym: debug symbols for package elfutils
Elfutils is a collection of utilities, including eu-ld (a linker),
eu-nm (for listing symbols from object files), eu-size (for listing the
section sizes of an object or archive file), eu-strip (for discarding
symbols), eu-readelf (to see the raw ELF file structures), and eu-elflint
(to check for well-formed ELF files).
- libasm-dev: libasm development libraries and header files
libasm1 allows you to create ELF files on a low level.
.
This package contains development libraries and header files for libasm1.
- libasm1: library with a programmable assembler interface
The libasm1 package provides a library with a programmable assembler
interface. It allows you to create ELF files on a low level.
.
This library is part of elfutils.
- libasm1-dbgsym: debug symbols for package libasm1
The libasm1 package provides a library with a programmable assembler
interface. It allows you to create ELF files on a low level.
.
This library is part of elfutils.
- libdw-dev: libdw1 development libraries and header files
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This package contains development libraries and header files for libdw1.
.
It also contains a static version of libdw. Only link to the static version
for special cases and when you don't need anything from the ebl backends.
- libdw1: library that provides access to the DWARF debug information
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This library is part of elfutils.
- libdw1-dbgsym: debug symbols for package libdw1
libdw1 provides a library that provides access to DWARF debug information
stored inside ELF files.
.
This library is part of elfutils.
- libelf-dev: libelf1 development libraries and header files
libelf1 provides a shared library which allows reading and writing of ELF
files on a high level.
.
This package contains development libraries and header files for libelf1.
- libelf1: library to read and write ELF files
The libelf1 package provides a shared library which allows reading and
writing ELF files on a high level. Third party programs depend on
this package to read internals of ELF files. The programs of the
elfutils package use it also to generate new ELF files.
.
This library is part of elfutils.
- libelf1-dbgsym: debug symbols for package libelf1
The libelf1 package provides a shared library which allows reading and
writing ELF files on a high level. Third party programs depend on
this package to read internals of ELF files. The programs of the
elfutils package use it also to generate new ELF files.
.
This library is part of elfutils.
