Bug#: 230593
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Toolchain Maintainers <toolchain@gentoo.org>
Reporter: Robert Buchholz <rbu@gentoo.org>

Description:   Opened: 2008-07-03 00:31 0000
CVE-2008-2310 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2310):
  Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4
  allows user-assisted attackers to execute arbitrary code or cause a denial of
  service (application crash) via a crafted string in (1) C++ or (2) Java
  source code.

------- Comment #1 From Robert Buchholz 2008-07-03 00:33:54 0000 -------
Apple writes:

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

Impact: Passing a maliciously crafted string to c++filt may lead to an
unexpected application termination or arbitrary code execution

Description: A format string issue exists in c++filt, which is a
debugging tool used to demangle C++ and Java symbols. Passing a
maliciously crafted string to c++filt may lead to an unexpected
application termination or arbitrary code execution. This update
addresses the issue through improved handling of format strings. This
issue does not affect systems prior to Mac OS X 10.5.


Patch:
http://sourceware.org/ml/binutils/2007-11/msg00221.html
http://sourceware.org/cgi-bin/cvsweb.cgi/src/binutils/cxxfilt.c.diff?r1=1.14&r2=1.15&cvsroot=src
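
The bug class named in the description, as an added example that is not taken from this bug report or from the binutils patch: a filter that echoes symbol text must pass it to the printf family as data under a constant format, never as the format itself. `toy_demangle` and `emit_symbol` are hypothetical names, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a demangler: returns the readable name for one
   known symbol, or NULL when the input is not a mangled name. */
static const char *toy_demangle(const char *name)
{
    return strcmp(name, "_Z3foov") == 0 ? "foo()" : NULL;
}

/* Vulnerable pattern, shown only as a comment and never compiled:
 *     printf(text);
 * Here `text` is the format, so any '%' conversion in it makes printf read
 * (or, with %n, write through) arguments that were never passed. */

/* Fixed pattern: constant format, input text is only ever data.
   Falls back to echoing the input unchanged when it does not demangle.
   Returns the number of characters the full output needs. */
static int emit_symbol(char *dst, size_t n, const char *name)
{
    const char *readable = toy_demangle(name);
    return snprintf(dst, n, "%s", readable ? readable : name);
}

int main(void)
{
    /* Constructed inputs: one mangled name, one string full of conversions. */
    const char *inputs[] = { "_Z3foov", "sym_%s_%x_%n" };
    char buf[64];
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        emit_symbol(buf, sizeof buf, inputs[i]);
        puts(buf);
    }
    return 0;
}
```

Building with GCC's `-Wformat -Wformat-security` flags calls of the vulnerable shape, where the format argument is not a string literal and no arguments follow it.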

------- Comment #2 From Mark Loeser 2008-07-05 14:25:16 0000 -------
sys-devel/binutils-2.18-r3 has been added to the tree

------- Comment #3 From Pierre-Yves Rofes 2008-07-06 18:29:36 0000 -------
arches, please test and mark stable sys-devel/binutils-2.18-r3. 
Target KEYWORDS: "alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"

------- Comment #4 From Christian Faulhammer 2008-07-06 18:59:57 0000 -------
Are test failures expected?

------- Comment #5 From Mark Loeser 2008-07-06 23:04:47 0000 -------
Any new failures between the new version and the last stable?  That one failed
tests as well.  I'll try and make the tests useful at some point, but that will
take some time.

------- Comment #6 From Jeroen Roovers 2008-07-06 23:44:14 0000 -------
Stable for HPPA.

------- Comment #7 From Brent Baude 2008-07-07 03:46:13 0000 -------
ppc and ppc64 done

------- Comment #8 From Christian Faulhammer 2008-07-07 08:48:31 0000 -------
x86 stable

------- Comment #9 From Raúl Porcel 2008-07-07 11:52:42 0000 -------
alpha/ia64/sparc stable

------- Comment #10 From Markus Meier 2008-07-07 21:35:31 0000 -------
amd64 stable

------- Comment #11 From Robert Buchholz 2008-07-08 00:35:39 0000 -------
glsa request filed

------- Comment #12 From SpanKY 2008-07-16 11:10:41 0000 -------
security team has already decided in the past to not do glsa's for toolchain,
and there's no reason to start now
