Summary: | sys-devel/binutils < 2.18-r3 c++filt demangle_it() Format String Vulnerability (CVE-2008-2310) | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Toolchain Maintainers <toolchain> |
Status: | RESOLVED FIXED | |
Severity: | major | CC: | security |
Priority: | High | |
Version: | unspecified | |
Hardware: | All | |
OS: | Linux | |
URL: | http://sourceware.org/ml/binutils/2007-11/msg00221.html | |
Whiteboard: | | |
Package list: | | Runtime testing required: | --- |

Description
Robert Buchholz (RETIRED)
2008-07-03 00:31:20 UTC
Apple writes: http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

Impact: Passing a maliciously crafted string to c++filt may lead to an unexpected application termination or arbitrary code execution

Description: A format string issue exists in c++filt, which is a debugging tool used to demangle C++ and Java symbols. Passing a maliciously crafted string to c++filt may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of format strings. This issue does not affect systems prior to Mac OS X 10.5.

Patch:
http://sourceware.org/ml/binutils/2007-11/msg00221.html
http://sourceware.org/cgi-bin/cvsweb.cgi/src/binutils/cxxfilt.c.diff?r1=1.14&r2=1.15&cvsroot=src

sys-devel/binutils-2.18-r3 has been added to the tree

arches, please test and mark stable sys-devel/binutils-2.18-r3. Target KEYWORDS: "alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86"

Are test failures expected?

Any new failures between the new version and the last stable?

That one failed tests as well. I'll try and make the tests useful at some point, but that will take some time.

Stable for HPPA.

ppc and ppc64 done

x86 stable

alpha/ia64/sparc stable

amd64 stable

glsa request filed

security team has already decided in the past to not do glsa's for toolchain, and there's no reason to start now
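
The bug class the advisory describes, reduced to one call, as an added example (it is not code from binutils or from this report). `emit_unsafe`, `emit_safe`, `outputs_differ` and the sample strings are hypothetical names and constructed inputs; the only directive used is `%%`, which consumes no argument and is therefore well-defined even in the unsafe call.

```c
#include <stdio.h>
#include <string.h>

/* Compilers flag the unsafe call below; silenced here so the contrast builds. */
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"

/* Vulnerable pattern: the symbol text itself is used as the format string,
   so any '%' directive inside it is interpreted by the printf family. */
int emit_unsafe(char *out, size_t n, const char *symbol)
{
    return snprintf(out, n, symbol);
}

/* Hardened pattern: the format is a constant and the symbol is only data. */
int emit_safe(char *out, size_t n, const char *symbol)
{
    return snprintf(out, n, "%s", symbol);
}

/* Returns 1 when the two patterns produce different output for the same
   input, i.e. when the input was interpreted rather than copied. */
int outputs_differ(const char *symbol)
{
    char a[128], b[128];
    emit_unsafe(a, sizeof a, symbol);
    emit_safe(b, sizeof b, symbol);
    return strcmp(a, b) != 0;
}

int main(void)
{
    /* Constructed inputs: one plain mangled-looking name, one containing "%%". */
    const char *samples[] = { "_Z3foov", "name_100%%_done" };
    char buf[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        emit_unsafe(buf, sizeof buf, samples[i]);
        printf("input=[%s] unsafe=[%s] differs=%d\n",
               samples[i], buf, outputs_differ(samples[i]));
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (without the pragmas) makes the compiler report the `emit_unsafe` call, which is a cheap way to catch this pattern in review.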