Debian Security Advisory

DLA-184-1 binutils -- LTS security update

Date Reported:
28 Mar 2015
Affected Packages:
binutils
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2014-8484, CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738.
More information:

Multiple security issues have been found in binutils, a toolbox for binary file manipulation. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions, path traversal attack or denial of service.

For Debian 6 Squeeze, these issues have been fixed in binutils version 2.20.1-16+deb6u1