Debian Security Advisory
DLA-552-1 binutils -- LTS security update
- Date Reported:
- 18 Jul 2016
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131.
- More information:
Some minor security issues have been identified and fixed in binutils in Debian LTS. These are:
Exploitable buffer overflow.
Invalid write due to a use-after-free to array btypevec.
Invalid write due to a use-after-free to array ktypevec.
Invalid write due to integer overflow.
Write access violation.
Write access violations.
Read access violations.
Stack buffer overflow when printing bad bytes in Intel Hex objects
For Debian 7
Wheezy, these problems have been fixed in version 2.22-8+deb7u3.
We recommend that you upgrade your binutils packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS