Linux Security

    SUSE: 2020:3552-1 moderate: binutils

    Date 27 Nov 2020
    Posted By LinuxSecurity Advisories
    An update that solves 8 vulnerabilities, contains three features and has 6 fixes is now available.
    
       SUSE Security Update: Security update for binutils
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:3552-1
    Rating:             moderate
    References:         #1126826 #1126829 #1126831 #1140126 #1142649 
                        #1143609 #1153768 #1153770 #1157755 #1160254 
                        #1160590 #1163333 #1163744 #1179036 ECO-2373 
                        SLE-7464 SLE-7903 
    Cross-References:   CVE-2019-12972 CVE-2019-14250 CVE-2019-14444
                        CVE-2019-17450 CVE-2019-17451 CVE-2019-9074
                        CVE-2019-9075 CVE-2019-9077
    Affected Products:
                        SUSE Linux Enterprise Server for SAP 15
                        SUSE Linux Enterprise Server 15-LTSS
                        SUSE Linux Enterprise High Performance Computing 15-LTSS
                        SUSE Linux Enterprise High Performance Computing 15-ESPOS
    ______________________________________________________________________________
    
       An update that solves 8 vulnerabilities, contains three
       features and has 6 fixes is now available.
    
    Description:
    
       This update for binutils fixes the following issues:
    
       binutils was updated to version 2.35.1 (jsc#ECO-2373)
    
       Additional branch fixes applied on top of 2.35.1:
    
       * Fixes PR26520, aka [bsc#1179036], a problem in addr2line with certain
         DWARF variable descriptions.
       * Also fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878,
         PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869, PR26711
       * The above includes fixes for dwo files produced by modern dwp, fixing
         several problems in the DWARF reader.
    
       Update to binutils 2.35.1 and rebased branch diff:
    
       * This is a point release over the previous 2.35 version, containing bug
         fixes, and as an exception to the usual rule, one new feature.  The new
         feature is the support for a new directive in the assembler: ".nop".
         This directive creates a single no-op instruction in whatever encoding
         is correct for the target architecture.  Unlike the .space or .fill this
         is a real instruction, and it does affect the generation of DWARF line
         number tables, should they be enabled.
    
       Update to binutils 2.35:
    
       * The assembler can now produce DWARF-5 format line number tables.
       * Readelf now has a "lint" mode to enable extra checks of the files it is
         processing.
       * Readelf will now display "[...]" when it has to truncate a symbol name.
         The old behaviour - of displaying as many characters as possible, up to
         the 80 column limit - can be restored by the use of the
         --silent-truncation option.
       * The linker can now produce a dependency file listing the inputs that it
         has processed, much like the -M -MP option supported by the compiler.
    
       - fix DT_NEEDED order with -flto [bsc#1163744]
    
    
       Update to binutils 2.34:
    
       * The disassembler (objdump --disassemble) now has an option to generate
         ASCII art that shows the arcs between the start and end points of
         control flow instructions.
       * The binutils tools now have support for debuginfod.  Debuginfod is an
         HTTP service for distributing ELF/DWARF debugging information as well as
         source code.  The tools can now connect to debuginfod servers in order
         to download debug information about the files that they are processing.
       * The assembler and linker now support the generation of ELF format files
         for the Z80 architecture.
    
       - Add new subpackages for libctf and libctf-nobfd.
       - Disable LTO due to bsc#1163333.
       - Includes fixes for these CVEs:
         - bsc#1153768 aka CVE-2019-17451 aka PR25070
         - bsc#1153770 aka CVE-2019-17450 aka PR25078
    
       - fix various build fails on aarch64 (PR25210, bsc#1157755).
    
       Update to binutils 2.33.1:
    
       * Adds support for the Arm Scalable Vector Extension version 2 (SVE2)
         instructions, the Arm Transactional Memory Extension (TME) instructions
         and the Armv8.1-M Mainline and M-profile Vector Extension (MVE)
         instructions.
       * Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P
         processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,
         Cortex-A76AE, and Cortex-A77 processors.
       * Adds a .float16 directive for both Arm and AArch64 to allow encoding of
         16-bit floating point literals.
       * For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3
         LLSC Errata.  Add a --enable-mips-fix-loongson3-llsc=[yes|no] configure
         time option to set the default behavior. Set the default if the
         configure option is not used to "no".
       * The Cortex-A53 Erratum 843419 workaround now supports a choice of which
         workaround to use.  The option --fix-cortex-a53-843419 now takes an
         optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can be
         used to force a particular workaround to be used. See --help for AArch64
         for more details.
       * Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and
         GNU_PROPERTY_AARCH64_FEATURE_1_PAC  in ELF GNU program properties in the
         AArch64 ELF linker.
       * Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI
         on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI
         on inputs and use PLTs protected with BTI.
       * Add -z pac-plt for AArch64 to pick PAC enabled PLTs.
       * Add --source-comment[=] option to objdump which if present,
         provides a prefix to source code lines displayed in a disassembly.
       * Add --set-section-alignment =
         option to objcopy to allow the changing of section alignments.
       * Add --verilog-data-width option to objcopy for verilog targets to
         control width of data elements in verilog hex format.
       * The separate debug info file options of readelf (--debug-dump=links and
         --debug-dump=follow) and objdump (--dwarf=links and
         --dwarf=follow-links) will now display and/or follow multiple links if
         more than one are present in a file.  (This usually happens when gcc's
         -gsplit-dwarf option is used). In addition objdump's
         --dwarf=follow-links now also affects its other display options, so
         that for example, when combined with --syms it will cause the symbol
         tables in any linked debug info files to also be displayed.  In
         addition when combined with --disassemble the --dwarf=follow-links
         option will ensure that any symbol tables in the linked files are read
         and used when disassembling code in the main file.
       * Add support for dumping types encoded in the Compact Type Format to
         objdump and readelf.
       - Includes fixes for these CVEs:
         - bsc#1126826 aka CVE-2019-9077 aka PR1126826
         - bsc#1126829 aka CVE-2019-9075 aka PR1126829
         - bsc#1126831 aka CVE-2019-9074 aka PR24235
         - bsc#1140126 aka CVE-2019-12972 aka PR23405
         - bsc#1143609 aka CVE-2019-14444 aka PR24829
         - bsc#1142649 aka CVE-2019-14250 aka PR90924
    
       * Add xBPF target
       * Fix various problems with DWARF 5 support in gas
       * fix nm -B for objects compiled with -flto and -fcommon.
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Server for SAP 15:
    
          zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3552=1
    
       - SUSE Linux Enterprise Server 15-LTSS:
    
          zypper in -t patch SUSE-SLE-Product-SLES-15-2020-3552=1
    
       - SUSE Linux Enterprise High Performance Computing 15-LTSS:
    
          zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3552=1
    
       - SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    
          zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3552=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
    
          binutils-2.35.1-6.15.1
          binutils-debuginfo-2.35.1-6.15.1
          binutils-debugsource-2.35.1-6.15.1
          binutils-devel-2.35.1-6.15.1
          libctf-nobfd0-2.35.1-6.15.1
          libctf-nobfd0-debuginfo-2.35.1-6.15.1
          libctf0-2.35.1-6.15.1
          libctf0-debuginfo-2.35.1-6.15.1
    
       - SUSE Linux Enterprise Server for SAP 15 (x86_64):
    
          binutils-devel-32bit-2.35.1-6.15.1
    
       - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
    
          binutils-2.35.1-6.15.1
          binutils-debuginfo-2.35.1-6.15.1
          binutils-debugsource-2.35.1-6.15.1
          binutils-devel-2.35.1-6.15.1
          libctf-nobfd0-2.35.1-6.15.1
          libctf-nobfd0-debuginfo-2.35.1-6.15.1
          libctf0-2.35.1-6.15.1
          libctf0-debuginfo-2.35.1-6.15.1
    
       - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
    
          binutils-2.35.1-6.15.1
          binutils-debuginfo-2.35.1-6.15.1
          binutils-debugsource-2.35.1-6.15.1
          binutils-devel-2.35.1-6.15.1
          libctf-nobfd0-2.35.1-6.15.1
          libctf-nobfd0-debuginfo-2.35.1-6.15.1
          libctf0-2.35.1-6.15.1
          libctf0-debuginfo-2.35.1-6.15.1
    
       - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
    
          binutils-devel-32bit-2.35.1-6.15.1
    
       - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
    
          binutils-2.35.1-6.15.1
          binutils-debuginfo-2.35.1-6.15.1
          binutils-debugsource-2.35.1-6.15.1
          binutils-devel-2.35.1-6.15.1
          libctf-nobfd0-2.35.1-6.15.1
          libctf-nobfd0-debuginfo-2.35.1-6.15.1
          libctf0-2.35.1-6.15.1
          libctf0-debuginfo-2.35.1-6.15.1
    
       - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
    
          binutils-devel-32bit-2.35.1-6.15.1
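
Added example (not part of the SUSE advisory): a shell check that flags packages from the Package List above that are still older than the fixed build 2.35.1-6.15.1. The function names, the sample inventory and the use of GNU `sort -V` as an approximation of RPM version ordering are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag packages still below the fixed build in SUSE-SU-2020:3552-1.
FIXED="2.35.1-6.15.1"   # version-release taken from the advisory's Package List

# lt A B: true when A sorts strictly before B under GNU `sort -V`.
# Assumption: sort -V approximates RPM ordering for plain numeric strings.
lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# vr_lt A B: compare the version part first, the release only on a tie.
vr_lt() {
    av=${1%-*}; ar=${1##*-}
    bv=${2%-*}; br=${2##*-}
    if [ "$av" != "$bv" ]; then lt "$av" "$bv"; else lt "$ar" "$br"; fi
}

# unpatched: reads "NAME VERSION-RELEASE" lines on stdin and prints the names
# of packages covered by the advisory that are older than FIXED.
unpatched() {
    while read -r name vr; do
        case "$name" in
            binutils|binutils-*|libctf0|libctf0-*|libctf-nobfd0|libctf-nobfd0-*) ;;
            *) continue ;;   # not shipped by this update
        esac
        if vr_lt "$vr" "$FIXED"; then echo "$name"; fi
    done
}

# Constructed sample inventory (not real host output).
SAMPLE='binutils 2.31-6.3.1
binutils-devel 2.35.1-6.15.1
libctf0 2.35.1-6.9.1
bash 4.4-9.10.1'

sample_report() { printf '%s\n' "$SAMPLE" | unpatched; }

# On a real host, feed the function from the RPM database instead:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'binutils*' 'libctf*' | unpatched
```

An empty result means every installed package from this update is at or above the fixed build; any name printed still needs the patch command for its product.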
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-12972.html
       https://www.suse.com/security/cve/CVE-2019-14250.html
       https://www.suse.com/security/cve/CVE-2019-14444.html
       https://www.suse.com/security/cve/CVE-2019-17450.html
       https://www.suse.com/security/cve/CVE-2019-17451.html
       https://www.suse.com/security/cve/CVE-2019-9074.html
       https://www.suse.com/security/cve/CVE-2019-9075.html
       https://www.suse.com/security/cve/CVE-2019-9077.html
       https://bugzilla.suse.com/1126826
       https://bugzilla.suse.com/1126829
       https://bugzilla.suse.com/1126831
       https://bugzilla.suse.com/1140126
       https://bugzilla.suse.com/1142649
       https://bugzilla.suse.com/1143609
       https://bugzilla.suse.com/1153768
       https://bugzilla.suse.com/1153770
       https://bugzilla.suse.com/1157755
       https://bugzilla.suse.com/1160254
       https://bugzilla.suse.com/1160590
       https://bugzilla.suse.com/1163333
       https://bugzilla.suse.com/1163744
       https://bugzilla.suse.com/1179036
    
