ClickCease CentOS 6 ELS: binutils package gradual rollout - TuxCare

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

CentOS 6 ELS: binutils package gradual rollout

December 16, 2021 - TuxCare PR Team

A new updated binutils package within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

Rollout slot: 2
Rolled out to: 0.1%
ETA for 100% rollout: December 30

CHANGELOG

binutils 2.20.51.0.2-5.48.1.el6.tuxcare.els3

  • CVE-2018-6323: Fix unsigned integer overflow
  • CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in
  • CVE-2018-6543: Fix integer overflow
  • CVE-2018-20671: Fix integer overflow vulnerability
  • CVE-2018-6759: Fix segmentation fault
  • CVE-2018-7208: Fix segmentation fault
  • CVE-2018-7568: Fix integer overflow
  • CVE-2018-7569: Fix integer underflow or overflow
  • CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference
  • CVE-2018-7643: Fix integer overflow
  • CVE-2018-8945: Fix segmentation fault
  • CVE-2018-13033: Fix excessive memory allocation
  • CVE-2018-10373: Fix NULL pointer dereference
  • CVE-2018-10535: Fix NULL pointer dereference
  • CVE-2018-18309: Fix invalid memory address dereference
  • CVE-2018-18605: Fix mishandles section merges
  • CVE-2018-18606: Fix NULL pointer dereference
  • CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd
  • CVE-2018-19932: Fix integer overflow and infinite loop
  • CVE-2018-20002: Fix memory consumption
  • CVE-2018-20623: Fix use-after-free in the error function
  • CVE-2018-1000876: Fix integer overflow trigger heap overflow
  • CVE-2019-9073: Fix excessive memory allocation
  • CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap
  • CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific
  • CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt
  • CVE-2019-14444: Fix integer overflow
  • CVE-2019-17450: Fix infinite recursion
  • CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c
  • CVE-2016-4487: Fix use-after-free vulnerability in libiberty
  • CVE-2016-4488: Fix use-after-free vulnerability in libiberty
  • CVE-2016-4489: Fix integer overflow in libiberty
  • CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty
  • CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty
  • CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal
  • CVE-2016-6131: Fix infinite loop, stack overflow

UPDATE COMMAND

yum update binutils*

IMMEDIATE UPDATE (VIA BYPASS)

yum update binutils* --enablerepo=ELS6-rollout-2-bypass

 

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started

Mail

Join

4,500

Linux & Open Source
Professionals!

Subscribe to
our newsletter