Summary: | <sys-devel/binutils-2.32: heap-based buffer over-read in _bfd_doprnt in bfd.c (CVE-2019-12972) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://sourceware.org/bugzilla/show_bug.cgi?id=24689 | ||
Whiteboard: | A3 [glsa+ masked cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2019-06-27 17:23:49 UTC
Fixed in 2.32, which is masked, and the standard for toolchain packages. Mask done for bug 711324, 2020-04-26: https://gitweb.gentoo.org/repo/gentoo.git/commit/profiles/package.mask?id=cf7bc8cee05a4dd95af28b48b66dd5a93e48a5c8 This issue was resolved and addressed in GLSA 202007-39 at https://security.gentoo.org/glsa/202007-39 by GLSA coordinator Sam James (sam_c). |