Information on source package binutils

Available versions

ReleaseVersion
wheezy2.22-8+deb7u2
wheezy (security)2.22-8+deb7u3
jessie2.25-5
stretch2.28-4
sid2.28-4

Open issues

BugwheezyjessiestretchsidDescription
CVE-2017-7614vulnerable (no DSA)vulnerable (no DSA)fixedfixedelflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...
CVE-2017-7304fixedvulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7303fixedvulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7302vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7301vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7300vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7299vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7227vulnerable (no DSA)vulnerable (no DSA)fixedfixedGNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based ...
CVE-2017-7226vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe pe_ILF_object_p function in the Binary File Descriptor (BFD) ...
CVE-2017-7225vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe find_nearest_line function in addr2line in GNU Binutils 2.28 does ...
CVE-2017-7224vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe find_nearest_line function in objdump in GNU Binutils 2.28 is ...
CVE-2017-7223vulnerable (no DSA)vulnerable (no DSA)fixedfixedGNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer ...
CVE-2017-7210vulnerable (no DSA)vulnerable (no DSA)fixedfixedobjdump in GNU Binutils 2.28 is vulnerable to multiple heap-based ...
CVE-2017-6969vulnerable (no DSA)vulnerable (no DSA)fixedfixedreadelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer ...
CVE-2017-6966vulnerable (no DSA)vulnerable (no DSA)fixedfixedreadelf in GNU Binutils 2.28 has a use-after-free (specifically ...
CVE-2017-6965vulnerable (no DSA)vulnerable (no DSA)fixedfixedreadelf in GNU Binutils 2.28 writes to illegal addresses while ...
CVE-2016-6131fixedvulnerable (no DSA)fixedfixedThe demangler in GNU Libiberty allows remote attackers to cause a ...
CVE-2016-4493fixedvulnerable (no DSA)fixedfixedThe demangle_template_value_parm and do_hpacc_template_literal ...
CVE-2016-4492fixedvulnerable (no DSA)fixedfixedBuffer overflow in the do_type function in cplus-dem.c in libiberty ...
CVE-2016-4491vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe d_print_comp function in cp-demangle.c in libiberty allows remote ...
CVE-2016-4490fixedvulnerable (no DSA)fixedfixedInteger overflow in cp-demangle.c in libiberty allows remote attackers ...
CVE-2016-4489fixedvulnerable (no DSA)fixedfixedInteger overflow in the gnu_special function in libiberty allows ...
CVE-2016-4488fixedvulnerable (no DSA)fixedfixedUse-after-free vulnerability in libiberty allows remote attackers to ...
CVE-2016-4487fixedvulnerable (no DSA)fixedfixedUse-after-free vulnerability in libiberty allows remote attackers to ...
CVE-2016-2226fixedvulnerable (no DSA)fixedfixedInteger overflow in the string_appends function in cplus-dem.c in ...
CVE-2014-9939fixedvulnerable (no DSA)fixedfixedihex.c in GNU Binutils before 2.26 contains a stack buffer overflow ...

Resolved issues

BugDescription
TEMP-0000000-E52D56Integer overflow in binutils' ELF parsing
CVE-2017-7209The dump_section_as_bytes function in readelf in GNU Binutils 2.28 ...
CVE-2014-8738The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU ...
CVE-2014-8737Multiple directory traversal vulnerabilities in GNU binutils 2.24 and ...
CVE-2014-8504Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...
CVE-2014-8503Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in ...
CVE-2014-8502Heap-based buffer overflow in the pe_print_edata function in ...
CVE-2014-8501The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU ...
CVE-2014-8485The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 ...
CVE-2014-8484The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before ...
CVE-2012-3509Multiple integer overflows in the (1) _objalloc_alloc function in ...
CVE-2008-2310Format string vulnerability in c++filt in Apple Mac OS X 10.5 before ...
CVE-2006-2362Buffer overflow in getsym in tekhex.c in libbfd in Free Software ...
CVE-2006-0646ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain ...
CVE-2005-4808Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) ...
CVE-2005-4807Stack-based buffer overflow in the as_bad function in messages.c in ...

Security announcements

DSA / DLADescription
DLA-552-1binutils - security update
DLA-324-1binutils - security update
DLA-184-1binutils - security update
DSA-3123-1binutils - security update

Search for package or bug name: Reporting problems