Fedora 20 Security Update: avr-binutils-2.24-2.fc20

Resolved Bugs
1162655 – binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]<br
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser

Leave a Reply