From ${URL}: The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. CVE Detahttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13710 Upstream Patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0c54f69295208331faab9bc5e995111a35672f9b
2.29, 2.29.1 affected Fixed in git master, patch does not apply to 2.29 branch
Fixed upstream in master and 2.30 branch, will be in Gentoo 2.30 patchlevel 2 and later.
(In reply to Andreas K. Hüttel from comment #2) > Fixed upstream in master and 2.30 branch, will be in Gentoo 2.30 patchlevel 2 > and later. Actually, is alrady fixed in sys-devel/binutils-2.30
@maintainer(s), are we able to proceed here? not sure if GLSA is still needed as upgrade path already established for 2.30-r4 fulfilled. also, removing blocked and stable from whiteboard to reflect current state.