Format: 1.8 Date: Fri, 07 Jun 2019 11:03:46 -0400 Source: elfutils Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev Architecture: arm64 arm64_translations Version: 0.170-0.5.0ubuntu1.1 Distribution: cosmic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: elfutils - collection of utilities to handle ELF objects libasm-dev - libasm development libraries and header files libasm1 - library with a programmable assembler interface libdw-dev - libdw1 development libraries and header files libdw1 - library that provides access to the DWARF debug information libelf-dev - libelf1 development libraries and header files libelf1 - library to read and write ELF files Changes: elfutils (0.170-0.5.0ubuntu1.1) cosmic-security; urgency=medium . * SECURITY UPDATE: DoS via a crafted file - debian/patches/CVE-2018-16062.patch: make sure there is enough data to read full aranges header in libdw/dwarf_getaranges.c, src/readelf.c. - CVE-2018-16062 * SECURITY UPDATE: double free and application crash - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c, libelf/libelf.h. - CVE-2018-16402 * SECURITY UPDATE: incorrect end of the attributes list check - debian/patches/CVE-2018-16403.patch: check end of attributes list consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c. - CVE-2018-16403 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18310.patch: sanity check partial core file data reads in libdwfl/dwfl_segment_report_module.c. - CVE-2018-18310 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in src/size.c. - CVE-2018-18520 * SECURITY UPDATE: divide by zero vulnerabilties - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero in src/arlib.c. - CVE-2018-18521 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c, src/readelf.c. - CVE-2019-7149 * SECURITY UPDATE: incorrect truncated dyn data read handling - debian/patches/CVE-2019-7150.patch: sanity check partial core file dyn data read in libdwfl/dwfl_segment_report_module.c. - CVE-2019-7150 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes contain a zero terminated string in libdwfl/linux-core-attach.c, libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c. - CVE-2019-7665 Checksums-Sha1: f756f27e386170df042c29717fdcb9c2e6b0828e 884996 elfutils-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb f3366b1dae2e08cc3bd99365f3729172ac37fc90 8311 elfutils_0.170-0.5.0ubuntu1.1_arm64.buildinfo e3a727bee4ad40280f5d921f3fe241cec8dd049c 219328 elfutils_0.170-0.5.0ubuntu1.1_arm64.deb 0113777b9e5431f69f3f95c2a3a297d49a99576e 525866 elfutils_0.170-0.5.0ubuntu1.1_arm64_translations.tar.gz 8c5cc37322b81541c5b23d687fec78b03fcc8d71 17332 libasm-dev_0.170-0.5.0ubuntu1.1_arm64.deb 2ca85d85e333cbdcbb34e72e43d3c2ec5cbfd8c7 66548 libasm1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 161734426aa5b89631d8b8590fafbb0e52010b52 13680 libasm1_0.170-0.5.0ubuntu1.1_arm64.deb 7c9a224fdb92a69ddf89f5edd5b195bdac52b630 174608 libdw-dev_0.170-0.5.0ubuntu1.1_arm64.deb 735d0d0abbda110107d5d04176ce1fc260a949dc 1268532 libdw1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 5e1f0e3e2ec45037d730722d9fccab8b99646e89 188296 libdw1_0.170-0.5.0ubuntu1.1_arm64.deb 39780b8b80f14ba6784d1b562c1743f2eb30ada7 57244 libelf-dev_0.170-0.5.0ubuntu1.1_arm64.deb 6a8760516cd821fdd56e39a6f00470e066bf700d 272824 libelf1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb e334c647b062141d3a8c1fac2c4512db9997e7d3 44024 libelf1_0.170-0.5.0ubuntu1.1_arm64.deb Checksums-Sha256: 3c1316bedf69e47de71c1c8f81902edd600ce54a741e5056eb807d94b46a695a 884996 elfutils-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 637120c84b7234ba3890a12848978cb7099de823e347659aa82f29c10ed1c0ab 8311 elfutils_0.170-0.5.0ubuntu1.1_arm64.buildinfo 6ae7f6d58d2ad89d92e31dfc38c7a194df74f7eb784e534442ecf16ca6ee7961 219328 elfutils_0.170-0.5.0ubuntu1.1_arm64.deb 87ec4755af1b1d5d449797ab3480fe9bd8d4fc27e25ec8f9caa6dd297379cf4c 525866 elfutils_0.170-0.5.0ubuntu1.1_arm64_translations.tar.gz 6de89f62aeee75256bfb0f4a4360a34c4ca201c3d8591101d8b4e1dcea5974e7 17332 libasm-dev_0.170-0.5.0ubuntu1.1_arm64.deb 7a322b4cf2e692ec3eb7fad3f0cdfd948e007eab3cbdad4d602db4eff9b148ac 66548 libasm1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb ad5bbbe40c572ae95328badfb705b4704b6d24a4d940c3c62af0238bb8ed01fe 13680 libasm1_0.170-0.5.0ubuntu1.1_arm64.deb 145bd81472ca2ce4b5597e1bc9eb8db6e0776e296c7f2a17ac2e467fb46d29d9 174608 libdw-dev_0.170-0.5.0ubuntu1.1_arm64.deb eabe9fc0e253cc72b641e169ff08bcf973a42bda0f831018d0bf7b0c0245bf28 1268532 libdw1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 8836a5268a0b2c1aa071bba3685120c1603975fc983a00c6d75b4262a6333fb5 188296 libdw1_0.170-0.5.0ubuntu1.1_arm64.deb 83aab219bb895e18ac1d3aa947c9fe7099b5151485b17d1e8cbc8ed0164caa35 57244 libelf-dev_0.170-0.5.0ubuntu1.1_arm64.deb 3fd2cc9f8d55c5b67cbd59a96d0e8d57650195e7bd931b5a4dbfa3eb482a8dde 272824 libelf1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 72d65c1dfd76bc9019776e074f14e5fe33e6956fd8aee055e14ade7c7c48f1c8 44024 libelf1_0.170-0.5.0ubuntu1.1_arm64.deb Files: 81850515948f0986556e3cdb6db129a9 884996 debug optional elfutils-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb d5a5b0db629ccb2ce98543ef15b62c82 8311 libs optional elfutils_0.170-0.5.0ubuntu1.1_arm64.buildinfo e181cf17bd5e99dfa5dc18837eef2330 219328 utils optional elfutils_0.170-0.5.0ubuntu1.1_arm64.deb 7959210de802fdfa36fcf17a7e4d364b 525866 raw-translations - elfutils_0.170-0.5.0ubuntu1.1_arm64_translations.tar.gz a1739b8ea9313cc5beea5aa09de26b11 17332 libdevel optional libasm-dev_0.170-0.5.0ubuntu1.1_arm64.deb ee637192a5eea51d6df982817caa9dbc 66548 debug optional libasm1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 13064812e7446c20820241330cefa45d 13680 libs optional libasm1_0.170-0.5.0ubuntu1.1_arm64.deb 601830c606c9f8c75ec8e964596d9ee1 174608 libdevel optional libdw-dev_0.170-0.5.0ubuntu1.1_arm64.deb da6b9ecdb1b8d99d43bc8269c5c29a69 1268532 debug optional libdw1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb 84d3ed49cf145de157e2dd792ff6e2fe 188296 libs optional libdw1_0.170-0.5.0ubuntu1.1_arm64.deb 86f81aba0cf1c336ba3fa522a5bb15f3 57244 libdevel optional libelf-dev_0.170-0.5.0ubuntu1.1_arm64.deb 8c7c55307785069838c1496ddc14af4e 272824 debug optional libelf1-dbgsym_0.170-0.5.0ubuntu1.1_arm64.ddeb bc8017fcaccd4be315cacdbbbf756161 44024 libs optional libelf1_0.170-0.5.0ubuntu1.1_arm64.deb Original-Maintainer: Kurt Roeckx