CVS commit: src/gnu/dist/binutils/bfd

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/gnu/dist/binutils/bfd
From: Adrian Portelli <adrianp%netbsd.org@localhost>
Date: Sun, 22 Jun 2008 14:02:40 +0000 (UTC)

Module Name:    src
Committed By:   adrianp
Date:           Sun Jun 22 14:02:40 UTC 2008

Modified Files:
        src/gnu/dist/binutils/bfd: tekhex.c

Log Message:
Fix for PR #33551 (a.k.a CVE-2006-2362)

Back port from the binutils CVS tree

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation
GNU Binutils before 20060423, as used by GNU strings, allows context-dependent
attackers to cause a denial of service (application crash) and possibly
execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex)
record in which the length character is not a valid hexadecimal character.


To generate a diff of this commit:
cvs rdiff -r1.1.1.3 -r1.2 src/gnu/dist/binutils/bfd/tekhex.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/sys
Next by Date: CVS commit: src/gnu/dist/postfix
Previous by Thread: CVS commit: src/sys/sys
Next by Thread: CVS commit: src/gnu/dist/postfix
Indexes:

Home | Main Index | Thread Index | Old Index