Skip to navigation

Security Advisory binutils security update

Advisory: RHSA-2005:673-5
Type: Security Advisory
Severity: Low
Issued on: 2005-10-05
Last updated on: 2005-10-05
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2005-1704

Details

An updated binutils package that fixes several bugs and minor security
issues is now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Binutils is a collection of utilities used for the creation of executable
code. A number of bugs were found in various binutils tools.

If a user is tricked into processing a specially crafted executable with
utilities such as readelf, size, strings, objdump, or nm, it may allow the
execution of arbitrary code as the user. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to
this issue.

In addition, the following bugs have been fixed:

-- by default issue an error if IA-64 hint@pause instruction is
put into the B slot, add assembler command line switch to
override this behaviour
-- fix linker's --emit-relocs with .gnu.warning.* section symbols
-- fix gprof on 64-bit ppc binaries and libraries
-- fix gas mapping of register names to dwarf2 register numbers
in CFI directives

All users of binutils should upgrade to this updated package, which
contains patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
binutils-2.15.92.0.2-15.src.rpm
File outdated by:  RHBA-2011:0847
    MD5: ba506648fc5d8ca830f54378f673e6a6
 
IA-32:
binutils-2.15.92.0.2-15.i386.rpm
File outdated by:  RHBA-2011:0847
    MD5: de3bdca323b48830513598fb4916e3f6
 
x86_64:
binutils-2.15.92.0.2-15.x86_64.rpm
File outdated by:  RHBA-2011:0847
    MD5: dc07ac2ef96372526039ee642a1475ba
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
binutils-2.15.92.0.2-15.src.rpm
File outdated by:  RHBA-2011:0847
    MD5: ba506648fc5d8ca830f54378f673e6a6
 
IA-32:
binutils-2.15.92.0.2-15.i386.rpm
File outdated by:  RHBA-2011:0847
    MD5: de3bdca323b48830513598fb4916e3f6
 
IA-64:
binutils-2.15.92.0.2-15.ia64.rpm
File outdated by:  RHBA-2011:0847
    MD5: 3722f6c68903eda7b979ea334f0c8e9f
 
PPC:
binutils-2.15.92.0.2-15.ppc.rpm
File outdated by:  RHBA-2011:0847
    MD5: 6582041cd1f4c02feaff94a4322dbad2
 
s390:
binutils-2.15.92.0.2-15.s390.rpm
File outdated by:  RHBA-2011:0847
    MD5: 6c8ba333b98e7baacd9a8e8364fa7c9c
 
s390x:
binutils-2.15.92.0.2-15.s390x.rpm
File outdated by:  RHBA-2011:0847
    MD5: 81ca4322941de30d486e855b594c307a
 
x86_64:
binutils-2.15.92.0.2-15.x86_64.rpm
File outdated by:  RHBA-2011:0847
    MD5: dc07ac2ef96372526039ee642a1475ba
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
binutils-2.15.92.0.2-15.src.rpm
File outdated by:  RHBA-2011:0847
    MD5: ba506648fc5d8ca830f54378f673e6a6
 
IA-32:
binutils-2.15.92.0.2-15.i386.rpm
File outdated by:  RHBA-2011:0847
    MD5: de3bdca323b48830513598fb4916e3f6
 
IA-64:
binutils-2.15.92.0.2-15.ia64.rpm
File outdated by:  RHBA-2011:0847
    MD5: 3722f6c68903eda7b979ea334f0c8e9f
 
x86_64:
binutils-2.15.92.0.2-15.x86_64.rpm
File outdated by:  RHBA-2011:0847
    MD5: dc07ac2ef96372526039ee642a1475ba
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
binutils-2.15.92.0.2-15.src.rpm
File outdated by:  RHBA-2011:0847
    MD5: ba506648fc5d8ca830f54378f673e6a6
 
IA-32:
binutils-2.15.92.0.2-15.i386.rpm
File outdated by:  RHBA-2011:0847
    MD5: de3bdca323b48830513598fb4916e3f6
 
IA-64:
binutils-2.15.92.0.2-15.ia64.rpm
File outdated by:  RHBA-2011:0847
    MD5: 3722f6c68903eda7b979ea334f0c8e9f
 
x86_64:
binutils-2.15.92.0.2-15.x86_64.rpm
File outdated by:  RHBA-2011:0847
    MD5: dc07ac2ef96372526039ee642a1475ba
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

159894 - CAN-2005-1704 Integer overflow in the Binary File Descriptor (BFD) library
162545 - wrong dwarf register numbers generated


References


Keywords

readelf, size, strings, strip


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/