author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-08-29 18:23:50 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-08-30 08:59:55 +0200 |
commit | 34ba4d05d9d2b7f5d72aded4eb35aa617cb8629d (patch) | |
tree | fd24e6dc296552ed8ce520e595a71eea78e88e9c /source/d/binutils/patches/binutils-CVE-2019-1010204.patch | |
parent | a685863802fc9764aefd5b07106f3e3e54b210a3 (diff) | |
Sun Aug 29 18:23:50 UTC 2021 (20210829182350)
ap/man-pages-5.13-noarch-1.txz: Upgraded.
d/binutils-2.37-x86_64-1.txz: Upgraded.
With a few upstream patches to fix some regressions in the release, we no
longer get any new FTBFS with this, so we'll take it.
d/oprofile-1.4.0-x86_64-8.txz: Rebuilt.
Recompiled against binutils-2.37.
kde/sddm-0.19.0-x86_64-8.txz: Rebuilt.
Patched to fix build.
l/libcap-2.54-x86_64-1.txz: Upgraded.
l/libssh-0.9.6-x86_64-1.txz: Upgraded.
Fix possible heap-buffer overflow when rekeying with different key exchange
mechanism.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634
(* Security fix *)
l/qt5-5.15.3_20210826_21ea9c12-x86_64-1.txz: Upgraded.
Switched to the patched qt5 from https://invent.kde.org/qt/qt/qt5.git.
Huge thanks to Heinz Wiesinger for the script to create a release tarball.
Likely this fixes many security issues.
(* Security fix *)
x/libglvnd-1.3.3-x86_64-1.txz: Upgraded.
Reverted to this version because changes to the header files won't allow the
EGL portions of Qt to properly compile.
Diffstat (limited to 'source/d/binutils/patches/binutils-CVE-2019-1010204.patch')
-rw-r--r-- | source/d/binutils/patches/binutils-CVE-2019-1010204.patch | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/source/d/binutils/patches/binutils-CVE-2019-1010204.patch b/source/d/binutils/patches/binutils-CVE-2019-1010204.patch new file mode 100644 index 000000000..56434b10d --- /dev/null +++ b/source/d/binutils/patches/binutils-CVE-2019-1010204.patch @@ -0,0 +1,15 @@ +--- binutils.orig/gold/fileread.cc 2019-08-06 14:22:08.669313110 +0100 ++++ binutils-2.32/gold/fileread.cc 2019-08-06 14:22:28.799177543 +0100 +@@ -381,6 +381,12 @@ File_read::do_read(off_t start, section_ + ssize_t bytes; + if (this->whole_file_view_ != NULL) + { ++ // See PR 23765 for an example of a testcase that triggers this error. ++ if (((ssize_t) start) < 0) ++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"), ++ this->filename().c_str(), ++ static_cast<long long>(start)); ++ + bytes = this->size_ - start; + if (static_cast<section_size_type>(bytes) >= size) + { |
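Review bot: In the added guard in File_read::do_read, the test `((ssize_t) start) < 0` narrows `start` through a C-style cast before comparing, while the rest of the hunk uses static_cast. `start` is an off_t, which is already a signed type, so `if (start < 0)` expresses the same check without a conversion. On a build where off_t is wider than ssize_t the cast can discard the high bits, including the sign, and let a negative offset through. The guard also covers only the lower bound: in the unchanged lines that follow, `bytes = this->size_ - start` goes negative when `start` is larger than `this->size_`, and `static_cast<section_size_type>(bytes) >= size` then compares a very large unsigned value, so it would be worth confirming that an offset past the end of the file is rejected somewhere, or adding that check alongside this one. Finally, the embedded patch header names binutils-2.32/gold/fileread.cc while the changelog entry upgrades to binutils-2.37, so please confirm the hunk applies at line 381 without fuzz against the 2.37 source.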