Debian-LTS alert DLA-552-1 (binutils)
| From: | Brian May <bam@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 552-1] binutils security update | |
| Date: | Mon, 18 Jul 2016 18:45:05 +1000 | |
| Message-ID: | <20160718084505.GA26376@prune.linuxpenguins.xyz> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : binutils Version : 2.22-8+deb7u3 CVE ID : CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131 Some minor security issues have been identified and fixed in binutils in Debian LTS. These are: CVE-2016-2226 Exploitable buffer overflow. CVE-2016-4487 Invalid write due to a use-after-free to array btypevec. CVE-2016-4488 Invalid write due to a use-after-free to array ktypevec. CVE-2016-4489 Invalid write due to integer overflow. CVE-2016-4490 Write access violation. CVE-2016-4492 Write access violations. CVE-2016-4493 Read access violations. CVE-2016-6131 Stack buffer overflow when printing bad bytes in Intel Hex objects For Debian 7 "Wheezy", these problems have been fixed in version 2.22-8+deb7u3. We recommend that you upgrade your binutils packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -- Brian May <bam@debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXjJcRAAoJEBeEV3+BH26s0+EQAJH9Siq7aynsEuN1UjiS/6DY DIyE1raEF3uJRIODPO25nhutxJ7e0V7sz0SmOtf6eeHmx2cFMi//A7xLhQHaRTGu Ae+8y/zFDOA/bdyaB//yAdbiicOsfRPxBg2Eb4DNkm0/qK1EcMAyDlZNKbIEqIHu UQDbHAHALyrJP4q4xww7ZIpbwiwEsJ5BtXqXGExb3Z49r7GvqG/HL0nju6EAFWxn qajzeU+j+8b6uu10cXiE1sW/ygoIj9Yb62RKavG6grqrdaFBqLQcFRqJ3eCXwpdq JUCRftGuD/AeflKwN5vvYqeeAoWX7ThY0Hp9KO+o4m6v6cRbxsfWFyvCuaXYEYw9 B7Yagx3Wowuwy0FcQuJeyZ3bRaL7V001UGeD/VtYHez56r8JtgxE09REdlQLmo3F dzGNle7opL+MmNzFJc914IP4VqkJq3EETSy3gkvA/7dEyuLgMwU2nM3wNEDb20Af q/H3ivH+p8E87oS7w3vGz1nnmjvLt+AXC8pExVzbHZVf4ELMoULcs/vuLdE7o66A Uv0xPZE5M+Z1sjRG/tBdZHHlmlxYFYWcuSmpDj5ut+kUGNwWnXe5JcSKf2vtj2Pu O0kE3sMQpHNTL0H9xTthVDwSuAsQy8ZbiklHQrj9NlTRPFu+NmK+k5ZCNEl5e+1W 9bhqEFNr35NCmWBn2IU8 =1pnR -----END PGP SIGNATURE-----