Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
26812c44 by Salvatore Bonaccorso at 2021-08-15T22:08:57+02:00
Update information for several binutils issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13979,7 +13979,7 @@ CVE-2021-32617 (Exiv2 is a command-line utility and C++
library for reading, wri
CVE-2021-32616 (1CDN is open-source file sharing software. In 1CDN before
commit f88a2 ...)
NOT-FOR-US: 1CDN
CVE-2021-3549 (An out of bounds flaw was found in GNU binutils objdump utility
versio ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.37-3 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=27294
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7
NOTE: binutils not covered by security support
@@ -19530,7 +19530,7 @@ CVE-2021-30477 (An issue was discovered in Zulip Server
before 3.4. A bug in the
CVE-2021-30476 (HashiCorp Terraform’s Vault Provider
(terraform-provider-vault) ...)
NOT-FOR-US: HashiCorp Terraform Vault Provider
CVE-2021-3487 (There's a flaw in the BFD library of binutils in versions
before 2.36. ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.37-3 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26946
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=647cebce12a6b0a26960220caff96ff38978cf24
NOTE: binutils not covered by security support
@@ -45340,8 +45340,9 @@ CVE-2021-20295 [Regression of CVE-2020-10756 fix in
virt:rhel/qemu-kvm in Red Ha
RESERVED
- qemu <not-affected> (RHEL 8.3 specific security regression)
CVE-2021-20294 (A flaw was found in binutils readelf 2.35 program. An attacker
who is ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35.2-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26929
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=372dd157272e0674d13372655cc60eaca9c06926
NOTE: binutils not covered by security support
CVE-2021-20293 (A reflected Cross-Site Scripting (XSS) flaw was found in
RESTEasy in a ...)
- resteasy <undetermined>
@@ -45383,8 +45384,9 @@ CVE-2021-20285 (A flaw was found in upx canPack in
p_lx_elf.cpp in UPX 3.96. Thi
NOTE: https://github.com/upx/upx/issues/421
NOTE:
https://github.com/upx/upx/commit/3781df9da23840e596d5e9e8493f22666802fe6c
CVE-2021-20284 (A flaw was found in GNU Binutils 2.35.1, where there is a
heap-based b ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.37-3 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26931
+ NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f60742b2a1988d276c77d5c1011143f320d9b4cb
NOTE: binutils not covered by security support
CVE-2021-20283 (The web service responsible for fetching other users' enrolled
courses ...)
- moodle <removed>
@@ -45817,7 +45819,7 @@ CVE-2021-20198 (A flaw was found in the OpenShift
Installer before version v0.9.
NOT-FOR-US: OpenShift
CVE-2021-20197 (There is an open race window when writing output in the
following util ...)
[experimental] - binutils 2.35.50.20201209-1
- - binutils <unfixed> (unimportant)
+ - binutils 2.37-3 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26945
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=014cc7f849e8209623fc99264814bce7b3b6faf2
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1a1c3b4cc17687091cff5a368bd6f13742bcfdf8
@@ -81567,7 +81569,7 @@ CVE-2020-16600 (A Use After Free vulnerability exists
in Artifex Software, Inc.
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702253
NOTE:
http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b
CVE-2020-16599 (A Null Pointer Dereference vulnerability exists in the Binary
File Des ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25842
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d55d10ac0d112c586eaceb92e75bd9b80aadcc4
NOTE: binutils not covered by security support
@@ -81582,22 +81584,22 @@ CVE-2020-16595
CVE-2020-16594
RESERVED
CVE-2020-16593 (A Null Pointer Dereference vulnerability exists in the Binary
File Des ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25827
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729
NOTE: binutils not covered by security support
CVE-2020-16592 (A use after free issue exists in the Binary File Descriptor
(BFD) libr ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25823
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7ecb51549ab1ec22aba5aaf34b70323cf0b8509a
NOTE: binutils not covered by security support
CVE-2020-16591 (A Denial of Service vulnerability exists in the Binary File
Descriptor ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25822
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=001890e1f9269697f7e0212430a51479271bdab2
NOTE: binutils not covered by security support
CVE-2020-16590 (A double free vulnerability exists in the Binary File
Descriptor (BFD) ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.35-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25821
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4
NOTE: binutils not covered by security support
@@ -131795,12 +131797,12 @@ CVE-2019-17453 (Bento4 1.5.1.0 has a NULL pointer
dereference in AP4_DescriptorL
CVE-2019-17452 (Bento4 1.5.1.0 has a NULL pointer dereference in
AP4_DescriptorListIns ...)
NOT-FOR-US: Bento4
CVE-2019-17451 (An issue was discovered in the Binary File Descriptor (BFD)
library (a ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.34-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25070
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1
NOTE: binutils not covered by security support
CVE-2019-17450 (find_abstract_instance in dwarf2.c in the Binary File
Descriptor (BFD) ...)
- - binutils <unfixed> (unimportant)
+ - binutils 2.34-1 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25078
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=063c511bd79281f33fd33f0964541a73511b9e2b
NOTE: binutils not covered by security support
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26812c4484544a4dc4050153094828b2c5a942c1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26812c4484544a4dc4050153094828b2c5a942c1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
