MGASA-2020-0017 - Updated libdwarf packages fix security vulnerability

Publication date: 05 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0017.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-14249

Updated libdwarf packages fix security vulnerability:

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers
to cause a denial of service (division by zero) via an ELF file with a
zero-size section group (SHT_GROUP), as demonstrated by dwarfdump
(CVE-2019-14249).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25955
- https://lists.fedoraproject.org/archives/list/package-a[email protected]/thread/23RIFYDK2JZDBZP6RPYXPF56HCYYKJDL/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14249

SRPMS:
- 7/core/libdwarf-20191104-1.mga7