Skip to navigation

Security Advisory elfutils security update

Advisory: RHSA-2006:0368-7
Type: Security Advisory
Severity: Low
Issued on: 2006-07-20
Last updated on: 2006-07-20
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2005-1704

Details

Updated elfutils packages that address a minor security issue and various
other issues are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

The elfutils packages contain a number of utility programs and libraries
related to the creation and maintenance of executable code.

The elfutils packages that originally shipped with Red Hat Enterprise Linux
3 were GPL-licensed versions which lacked some functionality. Previous
updates provided fully functional versions of elfutils only under the OSL
license. This update provides a fully functional, GPL-licensed version of
elfutils.

In the OSL-licensed elfutils versions provided in previous updates, some
tools could sometimes crash when given corrupted input files. (CVE-2005-1704)

Also, when the eu-strip tool was used to create separate debuginfo files
from relocatable objects such as kernel modules (.ko), the resulting
debuginfo files (.ko.debug) were sometimes corrupted. Both of these
problems are fixed in the new version.

Users of elfutils should upgrade to these updated packages, which resolve
these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

Updated packages

Red Hat Desktop (v. 3)

IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/i386/elfutils-devel-0.94.1-2.i386.rpm
Missing file
    MD5: bdfc7c99932291ae6ab742fd60ae0ca0
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/i386/elfutils-libelf-devel-0.94.1-2.i386.rpm
Missing file
    MD5: b327fb13b08f74b472800b700439c39d
 
x86_64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/x86_64/elfutils-0.94.1-2.x86_64.rpm
Missing file
    MD5: 55c216e57fdf0edf3623cdadd814456e
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/x86_64/elfutils-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 921e1675d0c270e6f8e20a7413a65955
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/x86_64/elfutils-libelf-0.94.1-2.x86_64.rpm
Missing file
    MD5: 5516fefe4b2c4ec3dd491cdc09f1f153
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/x86_64/elfutils-libelf-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 85aa5c18b57bcd149b074092e77aa172
 
Red Hat Enterprise Linux AS (v. 3)

IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/i386/elfutils-devel-0.94.1-2.i386.rpm
Missing file
    MD5: bdfc7c99932291ae6ab742fd60ae0ca0
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/i386/elfutils-libelf-devel-0.94.1-2.i386.rpm
Missing file
    MD5: b327fb13b08f74b472800b700439c39d
 
IA-64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/ia64/elfutils-0.94.1-2.ia64.rpm
Missing file
    MD5: 148e0a5469f1808517416a0b8e319c48
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/ia64/elfutils-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: d69aa822ad4a73e1796fb699285a3e16
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/ia64/elfutils-libelf-0.94.1-2.ia64.rpm
Missing file
    MD5: 4981bc501ca8ede3a23c6ebf469f85b3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/ia64/elfutils-libelf-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: 8b9a5084a9c8f34b94198908bab6b6a2
 
PPC:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/ppc/elfutils-0.94.1-2.ppc.rpm
Missing file
    MD5: b9341cf90ec0737298a7e57d6a57b593
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/ppc64/elfutils-0.94.1-2.ppc64.rpm
Missing file
    MD5: 037d2690cc56966149c2a3b2ba8e4885
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/ppc/elfutils-devel-0.94.1-2.ppc.rpm
Missing file
    MD5: 36398c56fe8adca7e4fdf4f084d513d4
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/ppc/elfutils-libelf-0.94.1-2.ppc.rpm
Missing file
    MD5: d2c559b82e34b035c2f0864b34f56fa9
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/ppc64/elfutils-libelf-0.94.1-2.ppc64.rpm
Missing file
    MD5: 9e94d133ca19169f88f364e483bba629
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/ppc/elfutils-libelf-devel-0.94.1-2.ppc.rpm
Missing file
    MD5: 958ca58a79551292277ae448a01c5e01
 
s390:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/s390/elfutils-0.94.1-2.s390.rpm
Missing file
    MD5: a66109327605d7652f5cca2f6edc4c9c
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/s390/elfutils-devel-0.94.1-2.s390.rpm
Missing file
    MD5: bb297fba4cb392fff25d2982f924ab81
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/s390/elfutils-libelf-0.94.1-2.s390.rpm
Missing file
    MD5: 92619133e3d38c362c540520573b39da
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/s390/elfutils-libelf-devel-0.94.1-2.s390.rpm
Missing file
    MD5: 390fb07654eb89b5f43930720c419f98
 
s390x:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/s390/elfutils-0.94.1-2.s390.rpm
Missing file
    MD5: a66109327605d7652f5cca2f6edc4c9c
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/s390x/elfutils-0.94.1-2.s390x.rpm
Missing file
    MD5: a5498050a32775173fc9ea3faa6dfd9d
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/s390x/elfutils-devel-0.94.1-2.s390x.rpm
Missing file
    MD5: dc2cc5075dbda8c07108d7b5e60c7cdf
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/s390/elfutils-libelf-0.94.1-2.s390.rpm
Missing file
    MD5: 92619133e3d38c362c540520573b39da
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/s390x/elfutils-libelf-0.94.1-2.s390x.rpm
Missing file
    MD5: 82431bc3f0c38f026d192b15b5f0d8ea
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/s390x/elfutils-libelf-devel-0.94.1-2.s390x.rpm
Missing file
    MD5: da86201bdfedb1bc639cd033e28601ad
 
x86_64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/x86_64/elfutils-0.94.1-2.x86_64.rpm
Missing file
    MD5: 55c216e57fdf0edf3623cdadd814456e
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/x86_64/elfutils-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 921e1675d0c270e6f8e20a7413a65955
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/x86_64/elfutils-libelf-0.94.1-2.x86_64.rpm
Missing file
    MD5: 5516fefe4b2c4ec3dd491cdc09f1f153
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/x86_64/elfutils-libelf-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 85aa5c18b57bcd149b074092e77aa172
 
Red Hat Enterprise Linux ES (v. 3)

IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/i386/elfutils-devel-0.94.1-2.i386.rpm
Missing file
    MD5: bdfc7c99932291ae6ab742fd60ae0ca0
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/i386/elfutils-libelf-devel-0.94.1-2.i386.rpm
Missing file
    MD5: b327fb13b08f74b472800b700439c39d
 
IA-64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/ia64/elfutils-0.94.1-2.ia64.rpm
Missing file
    MD5: 148e0a5469f1808517416a0b8e319c48
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/ia64/elfutils-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: d69aa822ad4a73e1796fb699285a3e16
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/ia64/elfutils-libelf-0.94.1-2.ia64.rpm
Missing file
    MD5: 4981bc501ca8ede3a23c6ebf469f85b3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/ia64/elfutils-libelf-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: 8b9a5084a9c8f34b94198908bab6b6a2
 
x86_64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/x86_64/elfutils-0.94.1-2.x86_64.rpm
Missing file
    MD5: 55c216e57fdf0edf3623cdadd814456e
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/x86_64/elfutils-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 921e1675d0c270e6f8e20a7413a65955
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/x86_64/elfutils-libelf-0.94.1-2.x86_64.rpm
Missing file
    MD5: 5516fefe4b2c4ec3dd491cdc09f1f153
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/x86_64/elfutils-libelf-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 85aa5c18b57bcd149b074092e77aa172
 
Red Hat Enterprise Linux WS (v. 3)

IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/i386/elfutils-devel-0.94.1-2.i386.rpm
Missing file
    MD5: bdfc7c99932291ae6ab742fd60ae0ca0
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/i386/elfutils-libelf-devel-0.94.1-2.i386.rpm
Missing file
    MD5: b327fb13b08f74b472800b700439c39d
 
IA-64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/ia64/elfutils-0.94.1-2.ia64.rpm
Missing file
    MD5: 148e0a5469f1808517416a0b8e319c48
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/ia64/elfutils-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: d69aa822ad4a73e1796fb699285a3e16
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/ia64/elfutils-libelf-0.94.1-2.ia64.rpm
Missing file
    MD5: 4981bc501ca8ede3a23c6ebf469f85b3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/ia64/elfutils-libelf-devel-0.94.1-2.ia64.rpm
Missing file
    MD5: 8b9a5084a9c8f34b94198908bab6b6a2
 
x86_64:
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/i386/elfutils-0.94.1-2.i386.rpm
Missing file
    MD5: aff3e63cdad846aa2d8f866ae517c388
ftp://updates.redhat.com/rhn/repository/NULL/elfutils/0.94.1-2/x86_64/elfutils-0.94.1-2.x86_64.rpm
Missing file
    MD5: 55c216e57fdf0edf3623cdadd814456e
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-devel/0.94.1-2/x86_64/elfutils-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 921e1675d0c270e6f8e20a7413a65955
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/i386/elfutils-libelf-0.94.1-2.i386.rpm
Missing file
    MD5: 676234c6860bfddc964ef7c9ad15c7f3
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf/0.94.1-2/x86_64/elfutils-libelf-0.94.1-2.x86_64.rpm
Missing file
    MD5: 5516fefe4b2c4ec3dd491cdc09f1f153
ftp://updates.redhat.com/rhn/repository/NULL/elfutils-libelf-devel/0.94.1-2/x86_64/elfutils-libelf-devel-0.94.1-2.x86_64.rpm
Missing file
    MD5: 85aa5c18b57bcd149b074092e77aa172
 

Bugs fixed (see bugzilla for more information)

159908 - CVE-2005-1704 Integer overflow in libelf
187507 - RHEL3 U8: Elfutils license upgrade
189114 - eu-strip mangles separate debuginfo with relocation sections


References


Keywords

elfutils


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/