Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

openSUSE: 2021:3643-1 Moderate: binutils Out-Of-Bounds Write Fix

opensuse
Calendar Grey November 9, 2021
Dist Opensuse Esm H88
A recent security patch for openSUSE resolves a vulnerability related to binutils and improves overall system reliability and efficiency.
An update that solves one vulnerability and has four fixes is now available

Description

This update for binutils fixes the following issues:

- For compatibility on old code stream that expect 'brcl 0,label' to not

be disassembled as 'jgnop label' on s390x. (bsc#1192267) This reverts

IBM zSeries HLASM support for now.

- Fixed that ppc64 optflags did not enable LTO (bsc#1188941).

- Fix empty man-pages from broken release tarball

- Fixed a memory corruption with rpath option (bsc#1191473).

- Fixed slow performance of stripping some binaries (bsc#1183909).

Security issue fixed:

- CVE-2021-20294: Fixed out-of-bounds write in print_dynamic_symbol in

readelf (bnc#1184519)

Topics%20covered

Topics Covered

security advisory moderate update fix binutils openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-3643=1

Package List

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

binutils-2.37-7.26.1

binutils-debuginfo-2.37-7.26.1

binutils-debugsource-2.37-7.26.1

binutils-devel-2.37-7.26.1

binutils-gold-2.37-7.26.1

binutils-gold-debuginfo-2.37-7.26.1

cross-arm-binutils-2.37-7.26.1

cross-arm-binutils-debuginfo-2.37-7.26.1

cross-arm-binutils-debugsource-2.37-7.26.1

cross-avr-binutils-2.37-7.26.1

cross-avr-binutils-debuginfo-2.37-7.26.1

cross-avr-binutils-debugsource-2.37-7.26.1

cross-epiphany-binutils-2.37-7.26.1

cross-epiphany-binutils-debuginfo-2.37-7.26.1

cross-epiphany-binutils-debugsource-2.37-7.26.1

cross-hppa-binutils-2.37-7.26.1

cross-hppa-binutils-debuginfo-2.37-7.26.1

cross-hppa-binutils-debugsource-2.37-7.26.1

cross-hppa64-binutils-2.37-7.26.1

cross-hppa64-binutils-debuginfo-2.37-7.26.1

cross-hppa64-binutils-debugsource-2.37-7.26.1

cross-i386-binutils-2.37-7.26.1

cross-i386-binutils-debuginfo-2.37-7.26.1

cross-i386-binutils-debugsource-2.37-7.26.1

cross-ia64-binutils-2.37-7.26.1

cross-ia64-binutils-debuginfo-2.37-7.26.1

cross-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2021-20294.html

https://bugzilla.suse.com/1183909

https://bugzilla.suse.com/1184519

https://bugzilla.suse.com/1188941

https://bugzilla.suse.com/1191473

https://bugzilla.suse.com/1192267

Announcement ID: openSUSE-SU-2021:3643-1
Rating: moderate
Affected Products: openSUSE Leap 15.3 ble.

Topics%20covered

Topics Covered

security advisory moderate update fix binutils openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here