Updated binutils packages fix security vulnerabilities
Publication date: 19 Jan 2015Modification date: 19 Jan 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8484 , CVE-2014-8485 , CVE-2014-8501 , CVE-2014-8502 , CVE-2014-8503 , CVE-2014-8504 , CVE-2014-8737 , CVE-2014-8738
Description
Updated binutils packages fix security vulnerabilities:
Multiple security issues have been found in binutils. These vulnerabilities
include multiple memory safety errors, buffer overflows, use-after-frees and
other implementation errors may lead to the execution of arbitrary code, the
bypass of security restrictions, path traversal attack or denial of service
(CVE-2014-8484, CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503,
CVE-2014-8504, CVE-2014-8737, CVE-2014-8738).
References
- https://bugs.mageia.org/show_bug.cgi?id=15022
- https://www.debian.org/security/2015/dsa-3123
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8484
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8485
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8501
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8502
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8503
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8504
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8737
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8738
SRPMS
4/core
- binutils-2.24-3.1.mga4