mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-08 01:36:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9783baa9dd67ebfb1ec33ec5495457f7abe2fbea
poky/meta/recipes-devtools/binutils
History
Yash Shinde 1e47fd8e44 binutils: Fix CVE-2024-53589 
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.

Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]

(From OE-Core rev: 15635eb807ea1cbf0fd04e0cbe9cf169df107a05)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-12-23 05:46:32 -08:00
..
binutils
binutils: Fix CVE-2024-53589
2024-12-23 05:46:32 -08:00
binutils_2.42.bb
binutils: Add missing perl modules to RDEPENDS for nativesdk variant
2024-11-18 06:59:35 -08:00
binutils-2.42.inc
binutils: Fix CVE-2024-53589
2024-12-23 05:46:32 -08:00
binutils-cross_2.42.bb
binutils: Upgrade to binutils 2.42
2024-02-05 14:06:10 +00:00
binutils-cross-canadian_2.42.bb
binutils: Upgrade to binutils 2.42
2024-02-05 14:06:10 +00:00
binutils-cross-canadian.inc
gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling
2023-05-02 10:24:50 +01:00
binutils-cross-testsuite_2.42.bb
binutils: Upgrade to binutils 2.42
2024-02-05 14:06:10 +00:00
binutils-cross.inc
binutils-cross: Disable gprofng for when building cross binutils
2022-08-21 22:51:41 +01:00
binutils-crosssdk_2.42.bb
binutils: Upgrade to binutils 2.42
2024-02-05 14:06:10 +00:00
binutils.inc
binutils: move packaging of gprofng static lib into common .inc
2023-06-13 22:10:32 +01:00