openSUSE: 2019:2432-1 Moderate: Binutils Security Update
opensuse
November 5, 2019
An update that fixes 28 vulnerabilities is now available.
Description
This update for binutils fixes the following issues:
binutils was updated to current 2.32 branch [jsc#ECO-368].
Includes following security fixes:
- CVE-2018-17358: Fixed invalid memory access in
_bfd_stab_section_find_nearest_line in syms.c (bsc#1109412)
- CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in
opncls.c (bsc#1109413)
- CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in
libbfd.c (bsc#1109414)
- CVE-2018-17985: Fixed a stack consumption problem caused by the
cplus_demangle_type (bsc#1116827)
- CVE-2018-18309: Fixed an invalid memory address dereference was
discovered in read_reloc in reloc.c (bsc#1111996)
- CVE-2018-18483: Fixed get_count function provided by libiberty that
allowed attackers to cause a denial of service or other unspecified
impact (bsc#1112535)
- CVE-2018-18484: Fixed stack exhaustion in the C++ demangling functions
provided by libiberty, caused by...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2019-2432=1
Package List
- openSUSE Leap 15.1 (i586 x86_64):
binutils-2.32-lp151.3.3.1
binutils-debuginfo-2.32-lp151.3.3.1
binutils-debugsource-2.32-lp151.3.3.1
binutils-devel-2.32-lp151.3.3.1
binutils-gold-2.32-lp151.3.3.1
binutils-gold-debuginfo-2.32-lp151.3.3.1
- openSUSE Leap 15.1 (x86_64):
binutils-devel-32bit-2.32-lp151.3.3.1
cross-aarch64-binutils-2.32-lp151.3.3.1
cross-aarch64-binutils-debuginfo-2.32-lp151.3.3.1
cross-aarch64-binutils-debugsource-2.32-lp151.3.3.1
cross-arm-binutils-2.32-lp151.3.3.1
cross-arm-binutils-debuginfo-2.32-lp151.3.3.1
cross-arm-binutils-debugsource-2.32-lp151.3.3.1
cross-avr-binutils-2.32-lp151.3.3.1
cross-avr-binutils-debuginfo-2.32-lp151.3.3.1
cross-avr-binutils-debugsource-2.32-lp151.3.3.1
cross-epiphany-binutils-2.32-lp151.3.3.1
cross-epiphany-binutils-debuginfo-2.32-lp151.3.3.1
cross-epiphany-binutils-debugsource-2.32-lp151.3.3.1
cross-hppa-binutils-2.32-lp151.3.3.1
cross-hppa-binutils-debuginfo-2.32-lp151.3.3.1
cross-hppa-binutils-debugsource-2.32-lp151.3.3.1
cross-hppa64-binutils-2.32-lp151.3....
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2018-1000876.html
https://www.suse.com/security/cve/CVE-2018-17358.html
https://www.suse.com/security/cve/CVE-2018-17359.html
https://www.suse.com/security/cve/CVE-2018-17360.html
https://www.suse.com/security/cve/CVE-2018-17985.html
https://www.suse.com/security/cve/CVE-2018-18309.html
https://www.suse.com/security/cve/CVE-2018-18483.html
https://www.suse.com/security/cve/CVE-2018-18484.html
https://www.suse.com/security/cve/CVE-2018-18605.html
https://www.suse.com/security/cve/CVE-2018-18606.html
https://www.suse.com/security/cve/CVE-2018-18607.html
https://www.suse.com/security/cve/CVE-2018-19931.html
https://www.suse.com/security/cve/CVE-2018-19932.html
https://www.suse.com/security/cve/CVE-2018-20623.html
https://www.suse.com/security/cve/CVE-2018-20651.html
https://www.suse.com/security/cve/CVE-2018-20671.html
https://www.suse.com/security/cve/CVE-2018-6323.html
https://www.suse.com/security/cve/CVE-2018-6543.html
https://www.suse.com/security/cve/CVE-2018-675...
Read the Full Advisory
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2019:2432-1
Rating: moderate
Affected Products:
openSUSE Leap 15.1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!