mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-08 09:46:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e8eab0f9b4e4b4ce3dd49cbb9ce3f2ffa4eaccfd
poky/meta/recipes-devtools/binutils
History
Yash Shinde 44c8d98587 binutils: Fix CVE-2024-53589 
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.

Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]

(From OE-Core rev: 04c6b181bf9b1babd647c642ba8598b837f1263b)

Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-01-09 06:02:48 -08:00
..
binutils
binutils: Fix CVE-2024-53589
2025-01-09 06:02:48 -08:00
binutils_2.43.1.bb
binutils: Add missing perl modules to RDEPENDS for nativsdk variant
2024-10-29 05:51:03 -07:00
binutils-2.43.1.inc
binutils: Fix CVE-2024-53589
2025-01-09 06:02:48 -08:00
binutils-cross_2.43.1.bb
binutils: upgrade 2.43 -> 2.43.1
2024-08-21 21:51:49 +01:00
binutils-cross-canadian_2.43.1.bb
binutils: upgrade 2.43 -> 2.43.1
2024-08-21 21:51:49 +01:00
binutils-cross-canadian.inc
gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling
2023-05-02 10:24:50 +01:00
binutils-cross.inc
binutils-cross: Disable gprofng for when building cross binutils
2022-08-21 22:51:41 +01:00
binutils-crosssdk_2.43.1.bb
binutils: upgrade 2.43 -> 2.43.1
2024-08-21 21:51:49 +01:00
binutils-testsuite_2.43.1.bb
binutils: upgrade 2.43 -> 2.43.1
2024-08-21 21:51:49 +01:00
binutils.inc
binutils: Fix binutils mingw packaging
2024-10-29 05:51:03 -07:00