UbuntuUpdates.org

Package "gdb-doc"

Name: gdb-doc

Description:

The GNU Debugger Documentation
Latest version: 7.7.1-0ubuntu5~14.04.3
Release: trusty (14.04)
Level: updates
Repository: main
Head package: gdb
Homepage: http://www.gnu.org/s/gdb/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "gdb-doc"

All arch deb package
APT INSTALL

Other versions of "gdb-doc" in Trusty

Repository Area Version
base main 7.6.2-1ubuntu1
security main 7.7.1-0ubuntu5~14.04.3

Changelog

Version: 7.7.1-0ubuntu5~14.04.3 2017-07-26 18:06:45 UTC

  gdb (7.7.1-0ubuntu5~14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS via invalid value in NumberOfRvaAndSizes field
    - debian/patches/CVE-2014-8501.patch: add check to bfd/peXXigen.c.
    - CVE-2014-8501
  * SECURITY UPDATE: stack overflow when printing bad bytes
    - debian/patches/CVE-2014-9939.patch: fix escape sequences in
      bfd/ihex.c, bfd/srec.c.
    - CVE-2014-9939
  * SECURITY UPDATE: integer overflow in string_appends
    - debian/patches/CVE-2016-2226.patch: check for overflow in
      libiberty/cplus-dem.c, added xmalloc_failed to
      gdb/common/common-utils.c.
    - CVE-2016-2226
  * SECURITY UPDATE: use-after-free vulberabilities
    - debian/patches/CVE-2016-4487_4488.patch: set bsize and ksize in
      libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4487
    - CVE-2016-4488
  * SECURITY UPDATE: integer overflow in gnu_special
    - debian/patches/CVE-2016-4489.patch: handle case where consume_count
      returns -1 in libiberty/cplus-dem.c.
    - CVE-2016-4489
  * SECURITY UPDATE: integer overflow after sanity checks
    - debian/patches/CVE-2016-4490.patch: parse numbers as integer instead
      of long in libiberty/cp-demangle.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4490
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-4491-1.patch: limit recursion in
      include/demangle.h, libiberty/cp-demangle.c, libiberty/cp-demint.c,
      added test to libiberty/testsuite/demangle-expected.
    - debian/patches/CVE-2016-4491-2.patch: limit more recursion in
      libiberty/cp-demangle.c.
    - debian/patches/CVE-2016-4491-3.patch: initialize d_printing in
      gdb/cp-name-parser.y, libiberty/cp-demangle.c.
    - CVE-2016-4491
  * SECURITY UPDATE: buffer overflow in do_type
    - debian/patches/CVE-2016-4492_4493.patch: properly handle large values
      and overflow in libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-4492
    - CVE-2016-4493
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2016-6131.patch: prevent infinite recursion in
      libiberty/cplus-dem.c, added test to
      libiberty/testsuite/demangle-expected.
    - CVE-2016-6131

 -- Marc Deslauriers <email address hidden> Fri, 09 Jun 2017 10:42:55 -0400
Source diff to previous version
CVE-2014-8501 The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of
CVE-2014-9939 ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
CVE-2016-2226 Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executabl
CVE-2016-4487 Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, r
CVE-2016-4488 Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, r
CVE-2016-4489 Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a c
CVE-2016-4490 Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted bina
CVE-2016-4491 The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a cra
CVE-2016-4492 Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and cras
CVE-2016-4493 The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of serv
CVE-2016-6131 The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the ref

Version: 7.7.1-0ubuntu5~14.04.2 2014-11-06 21:06:43 UTC

  gdb (7.7.1-0ubuntu5~14.04.2) trusty-proposed; urgency=medium

  * SRU: Update for trusty. LP: #1351646.
  * Build the gdb-doc package from the gdb sources.
 -- Matthias Klose <email address hidden> Wed, 08 Oct 2014 20:48:14 +0200
Source diff to previous version
1351646 SRU: gdb 7.7.1 for trusty

Version: 7.7-0ubuntu3.1 2014-05-19 10:07:29 UTC

  gdb (7.7-0ubuntu3.1) trusty; urgency=medium

  * re-enable patch that got disabled at some point (LP: #1317136)
    - ptrace-error-verbosity.patch: Try to make the PTRACE scope sysctl
      more discoverable via a verbose error message when failures happen.
 -- Marc Deslauriers <email address hidden> Wed, 07 May 2014 15:44:23 -0400
1317136 useful Yama EPERM error message missing (regression)


About   -   Send Feedback to @ubuntu_updates