(https://nvd.nist.gov/vuln/detail/CVE-2019-12972): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. @maintainer(s): fixed on Master via, commit:890f750a3b053532a4b839a2dd6243076de12031, milestone for 2.33 release. Gentoo Security Padawan (domhnall)
Fixed in 2.32, which is masked, and the standard for toolchain packages.
Mask done for bug 711324, 2020-04-26: https://gitweb.gentoo.org/repo/gentoo.git/commit/profiles/package.mask?id=cf7bc8cee05a4dd95af28b48b66dd5a93e48a5c8
This issue was resolved and addressed in GLSA 202007-39 at https://security.gentoo.org/glsa/202007-39 by GLSA coordinator Sam James (sam_c).