Path to this page:
Subject: CVS commit: pkgsrc/devel/binutils
From: Frederic Cambus
Date: 2021-01-07 10:47:48
Message id: 20210107094748.2040BFA9D@cvs.NetBSD.org
Log Message:
binutils: add upstream fixes for CVE-2020-35448.
From upstream commit log:
PR26574, heap buffer overflow in _bfd_elf_slurp_secondary_reloc_section
A horribly fuzzed object with section headers inside the ELF header.
Disallow that, and crazy reloc sizes.
PR 26574
* elfcode.h (elf_object_p): Sanity check section header offset.
* elf.c (_bfd_elf_slurp_secondary_reloc_section): Sanity check
sh_entsize.
Files: