Fedora alert FEDORA-2025-c5b7a12d2d (binutils)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 42 Update: binutils-2.44-6.fc42 | |
| Date: | Sat, 02 Aug 2025 04:18:42 +0000 | |
| Message-ID: | <20250802041842.525E985527@bastion01.rdu3.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-c5b7a12d2d 2025-08-02 04:17:27.037398+00:00 -------------------------------------------------------------------------------- Name : binutils Product : Fedora 42 Version : 2.44 Release : 6.fc42 URL : https://sourceware.org/binutils Summary : A GNU collection of binary utilities Description : Binutils is a collection of binary utilities, including ar (for creating, modifying and extracting from archives), as (a family of GNU assemblers), gprof (for displaying call graph profile data), ld (the GNU linker), nm (for listing symbols from object files), objcopy (for copying and translating object files), objdump (for displaying information from object files), ranlib (for generating an index for the contents of an archive), readelf (for displaying detailed information about binary files), size (for listing the section sizes of an object or archive file), strings (for listing printable strings from files), strip (for discarding symbols), and addr2line (for converting addresses to file and line). -------------------------------------------------------------------------------- Update Information: Backports patch to fix non-CVE 2025-8224 -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 29 2025 Nick Clifton <nickc@redhat.com> - 2.44-6 - Stop a potential null pointer dereference when examining corrupt DWARF debug information. (#2383860) (#2383873) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2383860 - CVE-2025-8224 binutils: Binutils BFD Null Pointer Dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2383860 [ 2 ] Bug #2383873 - CVE-2025-8225 binutils: Binutils DWARF Section Handler Memory Leak [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2383873 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c5b7a12d2d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue