Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 37 Advisory: 2023-b4d1469b54 Critical: Insight Stringop Issue

fedora
Calendar Grey April 22, 2023
Dist Fedora Esm H88
An enhancement patch for Ubuntu tackles the glibc library challenge, successfully mitigating buffer overflow alerts in a proficient manner.
Disable stringop-overflow warnings

Summary

Insight is a tight graphical user interface to GDB written in Tcl/Tk.

It provides a comprehensive interface that enables users to harness

most of GDB's power. It's also probably the only up-to-date UI for

the latest GDB version.

Disable stringop-overflow warnings. Patch "bfd-CVE-2023-1972" fixes a security

issue in bfd library.

* Fri Apr 14 2023 Patrick Monnerat 13.0.50.20220502-9

- Disable stringop-overflow warnings.

- Patch "bfd-CVE-2023-1972" fixes a security issue in bfd library.

https://bugzilla.redhat.com/show_bug.cgi?id=2185646

* Wed Jan 25 2023 Florian Weimer - 13.0.50.20220502-8

- Apply binutils-gdb upstream patch to fix C99 issue in configure script

* Tue Jan 24 2023 Patrick Monnerat 13.0.50.20220502-7

- Patch "noselfmove" removes the move to self tests.

* Thu Jan 19 2023 Fedora Release Engineering - 13.0.50.20220502-6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

* Fri Dec 23 2022 Patrick Monnerat 13.0.50.20220502-5

- Patch "distutils" removes deprecated python 3.12 module use.

https://bugzilla.redhat.com/show_bug.cgi?id=2155038

[ 1 ] Bug #2186379 - insight: FTBFS in Fedora Rawhide

https://bugzilla.redhat.com/show_bug.cgi?id=2186379

[ 2 ] Bug #2186582 - CVE-2023-1972 insight: binutils: Illegal memory access when accessing a zer0-lengthverdef table [fedora-36]

https://bugzilla.redhat.com/show_bug.cgi?id=2186582

[ 3 ] Bug #2186587 - CVE-2023-1972 insight: binutils: Illegal memory access when accessing a zer0-lengthverdef table [fedora-37]

https://bugzilla.redhat.com/show_bug.cgi?id=2186587

su -c 'dnf upgrade --advisory FEDORA-2023-b4d1469b54' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Topics%20covered

Topics Covered

security advisory fedora critical memory access stringop overflow bfd library insight debugger

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 37
Version: 13.0.50.20220502
Release: 9.fc37
URL: https://www.sourceware.org/insight/
Summary: Graphical debugger based on GDB

Topics%20covered

Topics Covered

security advisory fedora critical memory access stringop overflow bfd library insight debugger

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here