RedHat: Low: binutils security update
Summary
Summary
Binutils is a collection of utilities used for the creation of executable code. A number of bugs were found in various binutils tools. If a user is tricked into processing a specially crafted executable with utilities such as readelf, size, strings, objdump, or nm, it may allow the execution of arbitrary code as the user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to this issue. In addition, the following bugs have been fixed: - -- by default issue an error if IA-64 hint@pause instruction is put into the B slot, add assembler command line switch to override this behaviour - -- fix linker's --emit-relocs with .gnu.warning.* section symbols - -- fix gprof on 64-bit ppc binaries and libraries - -- fix gas mapping of register names to dwarf2 register numbers in CFI directives All users of binutils should upgrade to this updated package, which contains patches to resolve these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
159894 - CAN-2005-1704 Integer overflow in the Binary File Descriptor (BFD) library
162545 - wrong dwarf register numbers generated
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS:
ba506648fc5d8ca830f54378f673e6a6 binutils-2.15.92.0.2-15.src.rpm
i386:
de3bdca323b48830513598fb4916e3f6 binutils-2.15.92.0.2-15.i386.rpm
ia64:
3722f6c68903eda7b979ea334f0c8e9f binutils-2.15.92.0.2-15.ia64.rpm
ppc:
6582041cd1f4c02feaff94a4322dbad2 binutils-2.15.92.0.2-15.ppc.rpm
s390:
6c8ba333b98e7baacd9a8e8364fa7c9c binutils-2.15.92.0.2-15.s390.rpm
s390x:
81ca4322941de30d486e855b594c307a binutils-2.15.92.0.2-15.s390x.rpm
x86_64:
dc07ac2ef96372526039ee642a1475ba binutils-2.15.92.0.2-15.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ba506648fc5d8ca830f54378f673e6a6 binutils-2.15.92.0.2-15.src.rpm
i386:
de3bdca323b48830513598fb4916e3f6 binutils-2.15.92.0.2-15.i386.rpm
x86_64:
dc07ac2ef96372526039ee642a1475ba binutils-2.15.92.0.2-15.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ba506648fc5d8ca830f54378f673e6a6 binutils-2.15.92.0.2-15.src.rpm
i386:
de3bdca323b48830513598fb4916e3f6 binutils-2.15.92.0.2-15.i386.rpm
ia64:
3722f6c68903eda7b979ea334f0c8e9f binutils-2.15.92.0.2-15.ia64.rpm
x86_64:
dc07ac2ef96372526039ee642a1475ba binutils-2.15.92.0.2-15.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ba506648fc5d8ca830f54378f673e6a6 binutils-2.15.92.0.2-15.src.rpm
i386:
de3bdca323b48830513598fb4916e3f6 binutils-2.15.92.0.2-15.i386.rpm
ia64:
3722f6c68903eda7b979ea334f0c8e9f binutils-2.15.92.0.2-15.ia64.rpm
x86_64:
dc07ac2ef96372526039ee642a1475ba binutils-2.15.92.0.2-15.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704
Package List
Topic
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Bugs Fixed