Mageia 2020-0017: libdwarf security update
Summary
Updated libdwarf packages fix security vulnerability:
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackersto cause a denial of service (division by zero) via an ELF file with a
zero-size section group (SHT_GROUP), as demonstrated by dwarfdump
(CVE-2019-14249).
References
- https://bugs.mageia.org/show_bug.cgi?id=25955
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/23RIFYDK2JZDBZP6RPYXPF56HCYYKJDL/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14249
Resolution
MGASA-2020-0017 - Updated libdwarf packages fix security vulnerability
SRPMS
- 7/core/libdwarf-20191104-1.mga7