[Bug 200888] CVE-2012-3509 libiberty: integer overflow

bugzilla-noreply Mon, 15 Jun 2015 15:12:12 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200888


            Bug ID: 200888
           Summary: CVE-2012-3509 libiberty: integer overflow
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: gnu
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 157772
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157772&action=edit
fix from OpenBSD

CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by
processing certain file headers via bfd binary.

I stopped using gcc a while ago so I have no idea how useful/important this may
be.

OpenBSD has applied the following change:

http://freshbsd.org/commit/openbsd/c507578c3b16e773f91845211533295791f6b94d

I have translated it to the attached patch.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"

[Bug 200888] CVE-2012-3509 libiberty: integer overflow

Reply via email to