binutils-2.23.52.0.1-55.el7

Errata ID: AXSA:2015-717:01

Release date: Tuesday, November 24, 2015 - 16:39
Subject: binutils-2.23.52.0.1-55.el7
Affected Channels: Asianux Server 7 for x86_64
Severity: Moderate
Description:

Binutils is a collection of binary utilities, including ar (for
creating, modifying and extracting from archives), as (a family of GNU
assemblers), gprof (for displaying call graph profile data), ld (the
GNU linker), nm (for listing symbols from object files), objcopy (for
copying and translating object files), objdump (for displaying
information from object files), ranlib (for generating an index for
the contents of an archive), readelf (for displaying detailed
information about binary files), size (for listing the section sizes
of an object or archive file), strings (for listing printable strings
from files), strip (for discarding symbols), and addr2line (for
converting addresses to file and line).

Security issues fixed with this release:

CVE-2014-8484
The srec_scan function in bfd/srec.c in libbfd in GNU binutils before
2.25 allows remote attackers to cause a denial of service
(out-of-bounds read) via a small S-record.
CVE-2014-8485
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24
and earlier allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via crafted section group
headers in an ELF file.
CVE-2014-8501
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU
binutils 2.24 and earlier allows remote attackers to cause a denial of
service (out-of-bounds write) and possibly have other unspecified
impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a
PE executable.
CVE-2014-8502
Heap-based buffer overflow in the pe_print_edata function in
bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote
attackers to cause a denial of service (crash) and possibly have other
unspecified impact via a truncated export table in a PE file.
CVE-2014-8503
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in
GNU binutils 2.24 and earlier allows remote attackers to cause a
denial of service (crash) and possibly have other unspecified impact
via a crafted ihex file.
CVE-2014-8504
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in
GNU binutils 2.24 and earlier allows remote attackers to cause a
denial of service (crash) and possibly have other unspecified impact
via a crafted file.
CVE-2014-8737
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and
earlier allow local users to delete arbitrary files via a .. (dot dot)
or full path name in an archive to (1) strip or (2) objcopy or create
arbitrary files via (3) a .. (dot dot) or full path name in an archive
to ar.
CVE-2014-8738
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU
binutils 2.24 and earlier allows remote attackers to cause a denial of
service (invalid write, segmentation fault, and crash) via a crafted
extended name table in an archive.
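
A pre-extraction check for the archive member names described under CVE-2014-8737, as an added example that is not from the erratum or from binutils: it walks a GNU-format ar archive, resolves long names through the extended name table with a bounds check on the offset (the structure CVE-2014-8738 concerns), and lists members whose name is a full path or contains a ".." component. The function names and the sample archive are constructed for illustration.

```python
# Added example (not binutils code): list ar members whose names would land
# outside the extraction directory, the condition CVE-2014-8737 describes.
AR_MAGIC, HDR_LEN = b"!<arch>\n", 60

def member_names(data: bytes):
    """Yield file member names from a GNU-format ar archive, bounds-checked."""
    if not data.startswith(AR_MAGIC):
        raise ValueError("not an ar archive")
    pos, longnames = len(AR_MAGIC), b""
    while pos + HDR_LEN <= len(data):
        hdr = data[pos:pos + HDR_LEN]
        if hdr[58:60] != b"`\n":
            raise ValueError(f"bad member header at offset {pos}")
        raw = hdr[:16].rstrip(b" ")
        size = int(hdr[48:58].decode("ascii"))
        body = data[pos + HDR_LEN:pos + HDR_LEN + size]
        if len(body) != size:
            raise ValueError("member size runs past end of archive")
        pos += HDR_LEN + size + (size & 1)        # members are 2-byte aligned
        if raw == b"//":                          # GNU extended name table
            longnames = body
        elif raw in (b"/", b"/SYM64/"):           # symbol index, not a file
            continue
        elif raw[:1] == b"/" and raw[1:].isdigit():   # "/<offset>" long name
            off = int(raw[1:])
            if off >= len(longnames):             # reject out-of-table offsets
                raise ValueError("long-name offset outside extended name table")
            end = longnames.find(b"/\n", off)
            yield longnames[off:end if end >= 0 else None].decode("utf-8", "replace")
        else:                                     # short name, GNU appends "/"
            name = raw[:-1] if raw.endswith(b"/") else raw
            yield name.decode("utf-8", "replace")

def is_unsafe(name: str) -> bool:
    """True for a full path or any '..' path component."""
    return name.startswith("/") or ".." in name.split("/")

def unsafe_members(data: bytes):
    return [n for n in member_names(data) if is_unsafe(n)]

def build_member(name: bytes, body: bytes) -> bytes:
    """Build one constructed ar member (header, body, alignment pad)."""
    hdr = b"%-16s%-12d%-6d%-6d%-8s%-10d`\n" % (name, 0, 0, 0, b"644", len(body))
    return hdr + body + (b"\n" if len(body) & 1 else b"")

# Constructed sample archive: one ordinary member, two with unsafe names.
SAMPLE = (AR_MAGIC + build_member(b"//", b"../../outside/target.txt/\n")
          + build_member(b"ok.o/", b"x") + build_member(b"/0", b"payload")
          + build_member(b"/tmp/abs.o/", b"y"))
```

Calling `unsafe_members(SAMPLE)` returns the two flagged names; an archive that yields a non-empty list should not be passed to ar, strip or objcopy on an unpatched system.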

Fixed bugs:

* Binary files started by the system loader could lack the Relocation Read-Only (RELRO) protection even though it was explicitly requested when the application was built. This bug has been fixed on multiple architectures. Applications and all dependent object files, archives, and libraries built with an alpha or beta version of binutils should be rebuilt to correct this defect.
* The ld linker on 64-bit PowerPC now correctly checks the output format when asked to produce a binary in another format than PowerPC.
* An important variable that holds the symbol table for the binary being debugged has been made persistent, and the objdump utility on 64-bit PowerPC is now able to access the needed information without reading an invalid memory region.
* Undesirable runtime relocations described in RHBA-2015:0974.
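
A static check for the RELRO condition in the first fixed bug above, as an added example that is not from the erratum or from binutils: it looks for a PT_GNU_RELRO program header in an ELF64 file and computes the range that a loader rounding both ends down to a page boundary would make read-only. The sample header, addresses and page sizes are constructed, and the page-rounding model is an assumption about the loader rather than something the erratum states.

```python
# Added example (not binutils code): static RELRO check on an ELF64 image.
import struct

PT_LOAD, PT_GNU_RELRO = 1, 0x6474E552

def relro_segment(elf: bytes):
    """Return (vaddr, memsz) of the PT_GNU_RELRO segment, or None if absent."""
    if len(elf) < 64 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if elf[4] != 2:
        raise ValueError("this example handles ELF64 only")
    e = "<" if elf[5] == 1 else ">"               # EI_DATA: 1 = little-endian
    (phoff,) = struct.unpack_from(e + "Q", elf, 32)
    phentsize, phnum = struct.unpack_from(e + "HH", elf, 54)
    if phentsize < 56 or phoff + phentsize * phnum > len(elf):
        raise ValueError("program header table lies outside the file")
    for i in range(phnum):
        p_type, _, _, vaddr, _, _, memsz, _ = struct.unpack_from(
            e + "IIQQQQQQ", elf, phoff + i * phentsize)
        if p_type == PT_GNU_RELRO:
            return vaddr, memsz
    return None

def protected_range(vaddr: int, memsz: int, page: int = 4096):
    """Range made read-only when both ends are rounded down to a page."""
    start, end = vaddr & ~(page - 1), (vaddr + memsz) & ~(page - 1)
    return (start, end) if end > start else None

def sample_elf(p_type: int, vaddr: int, memsz: int) -> bytes:
    """Constructed ELF64 little-endian header with one program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 3, 62, 1, 0, 64, 0, 0,
                       64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", p_type, 4, 0, vaddr, vaddr, memsz, memsz, 1)
    return ehdr + phdr
```

A result of `None` from `relro_segment` means the segment was not emitted at all; a `None` from `protected_range` means the segment exists but covers no whole page at that page size, so nothing would be remapped read-only.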

Enhancements:

* New hardware instructions of the IBM z Systems z13 are now supported by assembler, disassembler, and linker, as well as Single Instruction, Multiple Data (SIMD) instructions.
* Expressions of the form: "FUNC@localentry" to refer to the local entry point for the FUNC function (if defined) are now supported by the PowerPC assembler. These are required by the ELFv2 ABI on the little-endian variant of IBM Power Systems.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. binutils-2.23.52.0.1-55.el7.src.rpm
    MD5: 4190d626ae6ad596f8c76d51c0730a8b
    SHA-256: b220ce1190a87798b8223f2ac0db00124b6bb3c8ce6369e2fefdcf4cf06558d4
    Size: 19.71 MB

Asianux Server 7 for x86_64
  1. binutils-2.23.52.0.1-55.el7.x86_64.rpm
    MD5: e452e2b546fa5b8c1eb52da590b76ad3
    SHA-256: 18906d0d424c8bdc902a67e3e4c46cf3407190fb6a1ecbc7628685500bb7458b
    Size: 5.03 MB
  2. binutils-devel-2.23.52.0.1-55.el7.x86_64.rpm
    MD5: 9c1ed2339388174eabdb119492f7e327
    SHA-256: 1c9da29e7ae6379542e6542995c17bb8936a55f2b44212673ed3ef2c4603a016
    Size: 806.89 kB
  3. binutils-devel-2.23.52.0.1-55.el7.i686.rpm
    MD5: 71c143530fe1d10596cf850ef9f0bc30
    SHA-256: 0bb11b94d3672bfba658402c1292eb3f707ff8aff2f7afe745bd4fb1991bdda1
    Size: 843.99 kB