binutils-2.30-119.el8.2

エラータID: AXSA:2023-6562:03

Release date: 
Monday, November 6, 2023 - 13:37
Subject: 
binutils-2.30-119.el8.2
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

Security Fix(es):

* binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault (CVE-2022-4285)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-4285
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. binutils-2.30-119.el8.2.src.rpm
    MD5: ffa9eb67848796bac2bec458111ecf2a
    SHA-256: 7a7678d1c37d25869b429a4a63b5a19d59ffb81e519ddc8b5323bb3231e2f851
    Size: 20.05 MB

Asianux Server 8 for x86_64
  1. binutils-2.30-119.el8.2.x86_64.rpm
    MD5: fcf31c7a7195a9ea08e80ca76cbfbcb7
    SHA-256: 47c0e5822243ee1b365f9478acf110b78aab1c265dc532ab0c1eac5199ef9024
    Size: 5.81 MB
  2. binutils-devel-2.30-119.el8.2.i686.rpm
    MD5: ab969d98ff7e132d72453d38e204712e
    SHA-256: c4ef346085ba1a4e82403d416f1fe198bfa7362ea45882c33ca5c0d2917b8c75
    Size: 3.52 MB
  3. binutils-devel-2.30-119.el8.2.x86_64.rpm
    MD5: dc3bc338cefe13c37777324229dae7e7
    SHA-256: 907aeb73bf3dfe1a8116e41b032335f15ff098fa3a1a59f63ac3963d1dc6bba7
    Size: 3.67 MB