[CLSA-2023:1687795384] Fix CVE(s): CVE-2023-25584, CVE-2017-12450, CVE-2023-25588, CVE-2023-25585
Type:
security
Severity:
Moderate
Release date:
2023-06-26 16:03:09 UTC
Description:
* SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream - debian/patches/CVE-2017-12450-1.patch: fix address violation errors - debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs - CVE-2017-12450 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-25584.patch: lack of bounds checking in vms-alpha.c - CVE-2023-25584 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25585.patch: field file_table of struct module is uninitialized - CVE-2023-25585 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25588.patch: field `the_bfd` of `asymbol` is uninitialised - CVE-2023-25588 * Fix memory leaks and buffer overflow in vms-alpha.c - debian/patches/vms-alpha-buffer-overflow-fix.patch: fix heap-based buffer overflow in build_module_list in vms-alpha.c - debian/patches/vms-alpha-memory-leaks-fix.patch: fix memory leaks and buffer overflow in vms-alpha.c
Updated packages:
  • binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:f28d1cfe6914b8644c7c67d92d43ddcbd895f770
  • binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:b7e16c9099a1deb8203a35ebb7580c10fe43799b
  • binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:5909bb7fb388e1666f7983b3844d4664ddeaab97
  • binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:40f0ba1bc99281dccc1874a54287b414a2912129
  • binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:99f8347723e376ac2076aed660ce6663c286d7ec
  • binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:167f71ab2dafc64f73058f1339b0d862c3f6f70e
  • binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_all.deb
    sha:6b2cbeae19e610798266ebb2222ca3b2b24639e8
  • binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:f0b47c655cc9e87c1b785e291f3849b3c1db550d
  • binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:85e6fe95d4eb66b77008b68244bbff15f54c4e32
  • binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:114d9d9ed6b0a1e46a9974cc70f5334825347c95
  • binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:0068410d2d375c29d7eaf7f15f03e94196eaee7f
  • binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:7094f983cd465aaffeea3ea5e70f46261b3eb922
  • binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:4a3f59044d082158ff4711e88a8bebe4cdef5262
  • binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:69d2ee2c822e0e1f5fc277598ae6cb009d64b994
  • binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:f12edcd9b211a9f1b1a348e7e5679f84285454b0
  • binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:fdf258518697af899ec78de8b7b8b14ba1439f27
  • binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:3df73de59a82536a5acf6d23ba0b0b1123308b29
  • binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:e52563adf8375911ad08c0d7d16777234abc4e3d
  • binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:77365496d61bc9e450dc169ec10d23f698e8c37b
  • binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:3842bee16e0fce4d038a9ec009a2fcb93147dffd
  • binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:8b0e6b2bb1b0da5d590c9f47e61c0a30aa2c1761
  • binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:8321326cd6ec924436f9e61b22b04187b5cc921a
  • binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_all.deb
    sha:64ac53c4bbc46b623f5d8c450f014d124f173bc8
  • binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb
    sha:b192c48a976af69016f7a860e259367d426c4d8e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.