Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 37: FEDORA-2023-abd34d4895 Critical: Resource Leak Mitigation

fedora
Calendar Grey April 23, 2023
Dist Fedora Esm H88
Upgrade to Fedora 36: improvements tackle buffer overflow alerts and vulnerabilities within the bfd library.
Disable stringop-overflow warnings

Summary

Insight is a tight graphical user interface to GDB written in Tcl/Tk.

It provides a comprehensive interface that enables users to harness

most of GDB's power. It's also probably the only up-to-date UI for

the latest GDB version.

Disable stringop-overflow warnings. Patch "bfd-CVE-2023-1972" fixes a security

issue in bfd library.

* Fri Apr 14 2023 Patrick Monnerat 13.0.50.20220502-9

- Disable stringop-overflow warnings.

- Patch "bfd-CVE-2023-1972" fixes a security issue in bfd library.

https://bugzilla.redhat.com/show_bug.cgi?id=2185646

* Wed Jan 25 2023 Florian Weimer - 13.0.50.20220502-8

- Apply binutils-gdb upstream patch to fix C99 issue in configure script

* Tue Jan 24 2023 Patrick Monnerat 13.0.50.20220502-7

- Patch "noselfmove" removes the move to self tests.

* Fri Dec 23 2022 Patrick Monnerat 13.0.50.20220502-5

- Patch "distutils" removes deprecated python 3.12 module use.

https://bugzilla.redhat.com/show_bug.cgi?id=2155038

[ 1 ] Bug #2186379 - insight: FTBFS in Fedora Rawhide

https://bugzilla.redhat.com/show_bug.cgi?id=2186379

[ 2 ] Bug #2186582 - CVE-2023-1972 insight: binutils: Illegal memory access when accessing a zer0-lengthverdef table [fedora-36]

https://bugzilla.redhat.com/show_bug.cgi?id=2186582

[ 3 ] Bug #2186587 - CVE-2023-1972 insight: binutils: Illegal memory access when accessing a zer0-lengthverdef table [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2186587

su -c 'dnf upgrade --advisory FEDORA-2023-5d51a42413' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Topics%20covered

Topics Covered

security advisory critical issue buffer overflow software update Fedora insight

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 36
Version: 13.0.50.20220502
Release: 9.fc36
URL: https://www.sourceware.org/insight/
Summary: Graphical debugger based on GDB

Topics%20covered

Topics Covered

security advisory critical issue buffer overflow software update Fedora insight

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here