Summary: | <sys-devel/binutils-2.28.1: stack-based buffer over-read in getvalue function | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1469752 | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-07-12 15:17:56 UTC
commit cf5003fe2fc3b45f366d0a3c6fdf834ed9d54321 Author: Matthias Maier <tamiko@gentoo.org> Date: Tue Aug 1 19:05:14 2017 -0500 sys-devel/binutils: version bump to 2.28.1, patchset 1.0 Includes fixes for bugs #622036 #622500 #622886 #624524 #624702 Package-Manager: Portage-2.3.6, Repoman-2.3.3 @Maintainers could you please confirm if we need to stabilize or should we proceed with cleanup? Thanks Gentoo Security Padawan ChrisADR All vulnerable versions are masked. No cleanup (toolchain package). This issue was resolved and addressed in GLSA 201709-02 at https://security.gentoo.org/glsa/201709-02 by GLSA coordinator Aaron Bauman (b-man). |