annobin-9.72-1.el8.2
エラータID: AXSA:2022-2958:01
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.
Security Fix(es):
* Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574)
The following changes were introduced in annobin in order to facilitate detection of BiDi Unicode characters:
This update of annobin adds a new annocheck test to detect the presence of multibyte characters in symbol names.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-42574
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.
Update packages.
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.
N/A
SRPMS
- annobin-9.72-1.el8.2.src.rpm
MD5: 5deb9d3d4b2c4f8a891a96e14b5c75b6
SHA-256: 55ae2cf1b0b481b1bbcc77c9638edcd3a7db732faa5a0b93ca03abd9c2e0363d
Size: 516.45 kB
Asianux Server 8 for x86_64
- annobin-9.72-1.el8.2.x86_64.rpm
MD5: bcc5205e10ca707856a98a0993ea7d23
SHA-256: 483ff893bacaacfb26fbbcbc585940dfd6f0060cbfb54c27b20295b870c47c97
Size: 109.68 kB - annobin-annocheck-9.72-1.el8.2.x86_64.rpm
MD5: 9c962d240eb23de5f68adf2ec375c2b0
SHA-256: 6e0b6ef93caaeef6cb71ff83e6dec7e6ab656f7f13c0527ea512e90f32404338
Size: 130.75 kB