Format: 1.8 Date: Wed, 17 May 2017 23:27:15 +0000 Source: elfutils Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev Architecture: powerpc powerpc_translations Version: 0.165-3ubuntu1.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Tyler Hicks Description: elfutils - collection of utilities to handle ELF objects libasm-dev - libasm development libraries and header files libasm1 - library with a programmable assembler interface libdw-dev - libdw1 development libraries and header files libdw1 - library that provides access to the DWARF debug information libelf-dev - libelf1 development libraries and header files libelf1 - library to read and write ELF files Changes: elfutils (0.165-3ubuntu1.1) xenial-security; urgency=medium . * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2016-10254.patch: Always set ELF maxsize when reading an ELF file for sanity checks. Based on upstream patch. - CVE-2016-10254 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2016-10255.patch: Sanity check offset and size before trying to malloc and read data. Based on upstream patch. - CVE-2016-10255 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7607.patch: Fix off by one sanity check in handle_gnu_hash. Based on upstream patch. - CVE-2017-7607 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7608.patch: Use the empty string for note names with zero size. Based on upstream patch. - CVE-2017-7608 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2017-7609.patch: Check compression ratio before trying to allocate output buffer. Based on upstream patch. - CVE-2017-7609 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7610.patch: Don't check section group without flags word. Based on upstream patch. - CVE-2017-7610 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7611.patch: Check symbol table data is big enough before checking. Based on upstream patch. - CVE-2017-7611 * SECURITY UPDATE: Denial of service via invalid memory read when handling crafted ELF files - debian/patches/CVE-2017-7612.patch: Don't trust sh_entsize when checking hash sections. Based on upstream patch. - CVE-2017-7612 * SECURITY UPDATE: Denial of service via memory consumption when handling crafted ELF files - debian/patches/CVE-2017-7613.patch: Sanity check the number of phdrs and shdrs available. Based on upstream patch. - CVE-2017-7613 Checksums-Sha1: 0697ff2e9ba5da79303683658c560d0216e04c54 570288 elfutils-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb d1d88cd71dad94068d2f01d72e2d68b2b545e2ac 257822 elfutils_0.165-3ubuntu1.1_powerpc.deb 43a3956ca034f2f5b0615178265033bd5f98ec4b 563940 elfutils_0.165-3ubuntu1.1_powerpc_translations.tar.gz 06ebf8bb1cef9ae3a61e7dcc5db44bc7da3b813d 16404 libasm-dev_0.165-3ubuntu1.1_powerpc.deb 9cc9b289d6c183b4cc8ef75d766543a5cb6d9f3c 43494 libasm1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb 41f04b2308a0e12007f9ed803ce8e0b0ae1bbb40 16122 libasm1_0.165-3ubuntu1.1_powerpc.deb 821dc8a2a95691b72ab699f4217399690bdcb111 154624 libdw-dev_0.165-3ubuntu1.1_powerpc.deb 70cd384da42c1cfeeb82473e13cb47d4cd47d926 592814 libdw1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb d149a562a4221b2f310159a5226787f344d00ce9 187138 libdw1_0.165-3ubuntu1.1_powerpc.deb e191386a363b24e35901e577da294f7f2fb1aa8c 52372 libelf-dev_0.165-3ubuntu1.1_powerpc.deb a2f9a6316d8993f9ba98f1717457cc3026246824 124646 libelf1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb 7aaf59f1b2240597d15012ad103432a0eea2d9cf 42630 libelf1_0.165-3ubuntu1.1_powerpc.deb Checksums-Sha256: a5afbc9a3b268a23f910e2f8f01381358951d7e1241997b46dedf0afd3d9ab3f 570288 elfutils-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb c384db5a89562121ff7ffae021de0873951c6164fdc28cdd81b64febc9319ff5 257822 elfutils_0.165-3ubuntu1.1_powerpc.deb 49582bd8cc0b45e7d9d6fe2b29c9c8e1865b1a9eb1d51079dd73f78de341eaa2 563940 elfutils_0.165-3ubuntu1.1_powerpc_translations.tar.gz 36f08c1747265f321a47105fc34505bac9aa707277e6a7d75e570c654c369d52 16404 libasm-dev_0.165-3ubuntu1.1_powerpc.deb fea17e79141039a3f881eed7a41ee532fd6aac53f07a2c788b8500a59ed50302 43494 libasm1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb 82c9827aa5da9772f93b4ba42e8f52d8bbc5248bd008c06fbd8d2cabe5bf3b3a 16122 libasm1_0.165-3ubuntu1.1_powerpc.deb cd8580870827de2ddb94ecace052cdd93f1f92fe675ba2fc50d620688b4806ee 154624 libdw-dev_0.165-3ubuntu1.1_powerpc.deb 9aaba44e915c082897334634ec95a9e86078dffa28ce9cc8b52d1871cfbc8738 592814 libdw1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb f9e665646d2198c2aacd6848e6e3e40da4ec5634ed54f10dfd18bda319de4064 187138 libdw1_0.165-3ubuntu1.1_powerpc.deb 2590da85e2b5e24d1ab1347151d487e8081bf9a11531c5086a4a8701117caffb 52372 libelf-dev_0.165-3ubuntu1.1_powerpc.deb c96c102fa4ca8570d19e01902f84b82c7fc06ea808404c7b278531288429ca5b 124646 libelf1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb bd5f35b4e96be013952be2937880a588d241ade1c19e0e71401fc3420d821da6 42630 libelf1_0.165-3ubuntu1.1_powerpc.deb Files: e8128607b57635b2bfeb1ced600dff40 570288 utils extra elfutils-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb d7b5ddf036735582855619822dd82987 257822 utils optional elfutils_0.165-3ubuntu1.1_powerpc.deb 87a67c18049698f0b686bf123ff9d98f 563940 raw-translations - elfutils_0.165-3ubuntu1.1_powerpc_translations.tar.gz 3737feecd869eef179adb04ae0a8fba3 16404 libdevel optional libasm-dev_0.165-3ubuntu1.1_powerpc.deb baeb298e9afa080df5c3c5fcdab0d66a 43494 libs extra libasm1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb 969bdabcdb82497f6587b072c69a3213 16122 libs optional libasm1_0.165-3ubuntu1.1_powerpc.deb 51e3a1fcc41e7a1ec111f7349ae0816c 154624 libdevel optional libdw-dev_0.165-3ubuntu1.1_powerpc.deb bb9cbc48fad07928688c3ff616b1d73c 592814 libs extra libdw1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb dfdc6b12e3383c9ae2b739438b974d71 187138 libs optional libdw1_0.165-3ubuntu1.1_powerpc.deb 42be8b8323e9ae77ac6e1b05b438e192 52372 libdevel optional libelf-dev_0.165-3ubuntu1.1_powerpc.deb d474c6bbf60b785fe121890bc5d78d41 124646 libs extra libelf1-dbgsym_0.165-3ubuntu1.1_powerpc.ddeb f78b3fb19c1682353daf1937c02d219f 42630 libs optional libelf1_0.165-3ubuntu1.1_powerpc.deb Original-Maintainer: Kurt Roeckx