Format: 1.8 Date: Fri, 07 Jun 2019 11:03:46 -0400 Source: elfutils Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev Architecture: s390x s390x_translations Version: 0.170-0.5.0ubuntu1.1 Distribution: cosmic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: elfutils - collection of utilities to handle ELF objects libasm-dev - libasm development libraries and header files libasm1 - library with a programmable assembler interface libdw-dev - libdw1 development libraries and header files libdw1 - library that provides access to the DWARF debug information libelf-dev - libelf1 development libraries and header files libelf1 - library to read and write ELF files Changes: elfutils (0.170-0.5.0ubuntu1.1) cosmic-security; urgency=medium . * SECURITY UPDATE: DoS via a crafted file - debian/patches/CVE-2018-16062.patch: make sure there is enough data to read full aranges header in libdw/dwarf_getaranges.c, src/readelf.c. - CVE-2018-16062 * SECURITY UPDATE: double free and application crash - debian/patches/CVE-2018-16402.patch: return error if elf_compress_gnu is used on SHF_COMPRESSED section in libelf/elf_compress_gnu.c, libelf/libelf.h. - CVE-2018-16402 * SECURITY UPDATE: incorrect end of the attributes list check - debian/patches/CVE-2018-16403.patch: check end of attributes list consistently in libdw/dwarf_getabbrev.c, libdw/dwarf_hasattr.c. - CVE-2018-16403 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18310.patch: sanity check partial core file data reads in libdwfl/dwfl_segment_report_module.c. - CVE-2018-18310 * SECURITY UPDATE: invalid memory address dereference - debian/patches/CVE-2018-18520.patch: handle recursive ELF ar files in src/size.c. - CVE-2018-18520 * SECURITY UPDATE: divide by zero vulnerabilties - debian/patches/CVE-2018-18521.patch: check that sh_entsize isn't zero in src/arlib.c. - CVE-2018-18521 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7149.patch: check terminating NUL byte in dwarf_getsrclines for dir/file table in libdw/dwarf_getsrclines.c, src/readelf.c. - CVE-2019-7149 * SECURITY UPDATE: incorrect truncated dyn data read handling - debian/patches/CVE-2019-7150.patch: sanity check partial core file dyn data read in libdwfl/dwfl_segment_report_module.c. - CVE-2019-7150 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes contain a zero terminated string in libdwfl/linux-core-attach.c, libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c. - CVE-2019-7665 Checksums-Sha1: 415ba0b959d4a3a45d19516107b8c8e77825888a 901764 elfutils-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 65606a098823c9d6126bc9c1ab4c60f995a800ca 8219 elfutils_0.170-0.5.0ubuntu1.1_s390x.buildinfo 14538b1e2b8c3be681cd43b668bd688aa69c73b8 222400 elfutils_0.170-0.5.0ubuntu1.1_s390x.deb a50bc9dcb74bbdbb12e437b14f5c4b28582df9cb 524054 elfutils_0.170-0.5.0ubuntu1.1_s390x_translations.tar.gz 6d1cb729913dddf5dc7c91880458c9c97758eaa3 16492 libasm-dev_0.170-0.5.0ubuntu1.1_s390x.deb cde7d926908c16e427151247a450119fad0b71c5 64728 libasm1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 8fd8a79d310aba14b9f0d4a96fc0e323893d32a3 13424 libasm1_0.170-0.5.0ubuntu1.1_s390x.deb 2454fa15d72ca1d5ca9fc78a24e359a874111190 169564 libdw-dev_0.170-0.5.0ubuntu1.1_s390x.deb 322a8d712472d23a19a8006758c3f505bd616da0 1277052 libdw1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb d77f95d5cec671198b985cde07bf02a8558147ea 185400 libdw1_0.170-0.5.0ubuntu1.1_s390x.deb 3537ed849436c2c9235862c84c1e8c50358b8c41 53764 libelf-dev_0.170-0.5.0ubuntu1.1_s390x.deb 6a40b99fc08dd53705776e78ccff65c7c7cfc1fe 272508 libelf1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb eddbedd87b8946240761f8d35c17986033597f4a 41772 libelf1_0.170-0.5.0ubuntu1.1_s390x.deb Checksums-Sha256: a69a0dc79be8b6d2f371c161a6fa7bb7f4576a4e6ac0960d3ce967c71f42a919 901764 elfutils-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 9ac27ec393ef677a6731691b2360cab2e70ae0c609118dea2b8ef79516d0b02d 8219 elfutils_0.170-0.5.0ubuntu1.1_s390x.buildinfo 812600b02dab3a6a1635c84f6512a498ccbd9efd69ab1aedbe59b21dc26b113f 222400 elfutils_0.170-0.5.0ubuntu1.1_s390x.deb 5dd3cd1bb754c53acf25f828ec3088bc33d5ea90955d031dda68bf3253070d33 524054 elfutils_0.170-0.5.0ubuntu1.1_s390x_translations.tar.gz 9daf7a9c154bbc4eca4a6264cd8fd02b43cab932ccea5d8f1a4b998613a9f8fd 16492 libasm-dev_0.170-0.5.0ubuntu1.1_s390x.deb 61ab0a5fb2ce37916937fbe08b3eb7a371bccca776e2d9c09b6ef92416ec5705 64728 libasm1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb dfdc1d73f08101fff76e2c80fd109277f69b30962bf2930d773cd7f2c26f2584 13424 libasm1_0.170-0.5.0ubuntu1.1_s390x.deb 93aa5101a916cb5c693d96849040c58e4318c74bb6405b816b27bc720cdd0c42 169564 libdw-dev_0.170-0.5.0ubuntu1.1_s390x.deb 66efd5ca267452751a21d751750791a72d9d47d743be800b749324de830e04b0 1277052 libdw1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 4340357c017be8fb9721e3e74db5f9ae003b5917488cad38c8c58dffbc24a0c4 185400 libdw1_0.170-0.5.0ubuntu1.1_s390x.deb b1bec95df3485b46f980c037dbd51d675d9aadd7ff3b4bdc1d47acc5123b3299 53764 libelf-dev_0.170-0.5.0ubuntu1.1_s390x.deb 3a669dcbffa87393603604605b9439fa2507771dd4a72b56537aab3cb5ec4755 272508 libelf1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 9fd82edecc563c9669ac1b2602b7d12bda5ddafbb769bf7e19e3acd132ecd905 41772 libelf1_0.170-0.5.0ubuntu1.1_s390x.deb Files: 99e988adb66e151fb4dd84f551707bb3 901764 debug optional elfutils-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb bf202181bcfbbee85e6e069a432ee852 8219 libs optional elfutils_0.170-0.5.0ubuntu1.1_s390x.buildinfo a5becb5c823cfdc3c97f071e5f2c2178 222400 utils optional elfutils_0.170-0.5.0ubuntu1.1_s390x.deb 82922b289361e7ea8a2a386fdf07741f 524054 raw-translations - elfutils_0.170-0.5.0ubuntu1.1_s390x_translations.tar.gz ae815bedd50708b7f2d48712e37d6039 16492 libdevel optional libasm-dev_0.170-0.5.0ubuntu1.1_s390x.deb d6e8cfd5c98dc4f7e3adcdcffbe46903 64728 debug optional libasm1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb 83372486856897637c33502b449275d7 13424 libs optional libasm1_0.170-0.5.0ubuntu1.1_s390x.deb fa469f68f801084202c6210286331379 169564 libdevel optional libdw-dev_0.170-0.5.0ubuntu1.1_s390x.deb a1d5765932dfffab37d370319f940870 1277052 debug optional libdw1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb b55407c42ea8d499262f6c78eef6797d 185400 libs optional libdw1_0.170-0.5.0ubuntu1.1_s390x.deb a974bb3a32b94acf47396828ff37916f 53764 libdevel optional libelf-dev_0.170-0.5.0ubuntu1.1_s390x.deb 9bc478508f7c2bf60c8f72a43c11cc22 272508 debug optional libelf1-dbgsym_0.170-0.5.0ubuntu1.1_s390x.ddeb b543f85733e6e563a06c9fff0a0439a8 41772 libs optional libelf1_0.170-0.5.0ubuntu1.1_s390x.deb Original-Maintainer: Kurt Roeckx