Changelog for elfutils-lang-0.168-lp152.5.5.noarch.rpm :

* Wed May 22 2019 Joao Moreira - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch- CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch: arlib-check-that-sh_entsize-isnt-zero.patch- CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088) Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch- CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087) Add patch: elflint-dont-check-section-group-without-flags-word.patch- CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch: libdw-check-end-of-attributes-list-consistently.patch- CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390) Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch- CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973) Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch- CVE-2019-7150: dwfl_segment_report_module doesn\'t check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch- CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007) Add patch: libebl-check-NT_PLATFORM-core-notes.patch- CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086) Add patch: libelf-check-compression-before-allocate-output-buffer.patch- CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch- CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084) Add patch: readelf-fix-off-by-one-sanity-check.patch- CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726) Add patch: size-handle-recursive-elf-ar-files.patch- CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch
* Tue Sep 25 2018 CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bnc#1033090) Add patch: elflint-sanity-check-the-number-of-phdrs-and-shdrs.patch- CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033089) Add patch: elfutils-dont-trust-sh_entsize.patch
* Sat Aug 26 2017 Restore obsolete on libebl.
* Tue Aug 01 2017 Update package descriptions.- Rename libebl1 to libebl-plugins as these are not linked, but dlopened using their unversioned libebl_$ name.- Have libelf1 require libebl-plugins (libebl.a, which does the dlopen call, is staticly built into libelf1). This is necessary for pahole to display its results. [boo#1049871]
* Sun Jun 18 2017 ppc-machine-flags.patch: support EM_PPC machine flags- disable-tests-with-ptrace.patch: disable more tests
* Sun May 28 2017 Update Git-Clone URL
* Thu Apr 27 2017 Add 0001-backends-Add-support-for-EM_PPC64-GNU_ATTRIBUTES.patch unconditionally in the spec file. As we can\'t support binary diff, a newly added test-case is removed from the patch.
* Tue Apr 25 2017 Add 0001-backends-Add-support-for-EM_PPC64-GNU_ATTRIBUTES.patch: fix .gnu.attributes checking on ppc64{,le}.
* Fri Apr 07 2017 Add missing ldconfig calls for libasm1
* Fri Mar 31 2017 make tests pass when user does not want debuginfo (boo#1031556)
* Thu Mar 30 2017 Update to version 0.168: libelf: gelf_newehdr and gelf_newehdr now return void
*. libdw: dwarf.h corrected the DW_LANG_PLI constant name (was DW_LANG_PL1). readelf: Add optional --symbols[=SECTION] argument to select section name.- Includes changes from 0001-Add-GCC7-Wimplicit-fallthrough-support-fixes.patch and 0001-ar-Fix-GCC7-Wformat-length-issues.patch.- Remove elfutils-0.137-dwarf-header-check-fix.diff which is no longer required after a debugedit fix.
* Fri Dec 09 2016 Add 0001-Add-GCC7-Wimplicit-fallthrough-support-fixes.patch: fix new warning introduced in GCC 7.- Add 0001-ar-Fix-GCC7-Wformat-length-issues.patch: fix -Wformat-length warning introduced in GCC 7.
* Tue Aug 30 2016 Update to version 0.167: libasm: Add eBPF disassembler for EM_BPF files. backends: Add m68k and BPF backends. ld: Removed. dwelf: Add ELF/DWARF string table creation functions. dwelf_strtab_init, dwelf_strtab_add, dwelf_strtab_add_len, dwelf_strtab_finalize, dwelf_strent_off, dwelf_strent_str and dwelf_strtab_free. Support compressed sections from binutils 2.27.- Remove patch elfutils-0.166-elfcmp-comp-gcc6.patch: included upstream.
* Mon Jul 11 2016 disable-tests-with-ptrace.patch: disable tests that use ptrace when running under qemu-linux-user
* Mon Jun 27 2016 Update to version 0.166: + config: The default program prefix for the installed tools is now eu-. Use configure --program-prefix=\"\" to not use a program prefix. + Various bugfixes.- Drop elfutils-0.164-dt-ppc-opt.patch and elfutils-0.164-gcc6.patch (merged upstream)- Add patch elfutils-0.166-elfcmp-comp-gcc6.patch: fix self-comparison error with GCC 6.- Changes from 0.165: + Add eu-elfcompress + Add pkg-config files for libelf and libdw.
* Sat Apr 16 2016 add elfutils-0.164-gcc6.patch
* Sat Feb 27 2016 rename dt-ppc-opt.patch as elfutils-0.164-dt-ppc-opt.patch and add reference to upstream commit id
* Tue Dec 15 2015 dt-ppc-opt.patch: add support for DT_PPC_OPT
* Fri Nov 20 2015 Update to version 0.164 Drop the following patches, fixed upstream:
* elfutils-portability-0.163.patch
* elfutils-revert-portability-scanf.patch
* elfutils-uninitialized.diff
* libebl-prototype-fix.diff Changelog: - strip, unstrip:
* Handle ELF files with merged strtab/shstrtab tables.
* Handle missing SHF_INFO_LINK section flags. - libelf:
* Use int64_t for offsets in libelf.h instead of loff_t. - libdw:
* dwarf.h Add preliminary DWARF5 DW_LANG_Haskell. - libdwfl:
* dwfl_standard_find_debuginfo now searches any subdir of the binary path under the debuginfo root when the separate debug file couldn\'t be found by build-id.
* dwfl_linux_proc_attach can now be called before any Dwfl_Modules have been reported.- Implement %check
* Fri Sep 11 2015 Update to version 0.163 Drop patch elfutils-fix-dir-traversal-vuln-in-ar-extraction.patch Drop patch elfutils-0.148-dont-crash.diff (fixed by 9ceebe69) Drop patch elfutils-portability-0.161.patch Add patch elfutils-portability-0.163.patch Changelog: 0.163: - Bug fixes only, no new features. 0.162: - libdw: Install new header elfutils/known-dwarf.h. dwarf.h Add preliminary DWARF5 constants DW_TAG_atomic_type, DW_LANG_Fortran03, DW_LANG_Fortran08. dwarf_peel_type now also handles DW_TAG_atomic_type. - addr2line: Input addresses are now always interpreted as hexadecimal numbers, never as octal or decimal numbers. New option -a, --addresses to print address before each entry. New option -C, --demangle to show demangled symbols. New option --pretty-print to print all information on one line. - ar: CVE-2014-9447 Directory traversal vulnerability in ar extraction. - backends: x32 support.
* Wed Feb 11 2015 Make ebl modversion predictable to allow build-compare (bnc#916043)
* Wed Jan 07 2015 CVE-2014-9447: elfutils: Directory traversal vulnerability (bnc#911662) Add patch: elfutils-fix-dir-traversal-vuln-in-ar-extraction.patch
* Wed Jan 07 2015 Update to version 0.161 + libdw: New function dwarf_peel_type. dwarf_aggregate_size now uses dwarf_peel_type to also provide the sizes of qualified types. dwarf_getmacros will now serve either of .debug_macro and .debug_macinfo transparently. New interfaces dwarf_getmacros_off, dwarf_macro_getsrcfiles, dwarf_macro_getparamcnt, and dwarf_macro_param are available for more generalized inspection of macros and their parameters. dwarf.h: Add DW_AT_GNU_deleted, DW_AT_noreturn, DW_LANG_C11, DW_LANG_C_plus_plus_11 and DW_LANG_C_plus_plus_14.- Remove merged patches + elfutils-robustify.patch + elfutils-no-po-test-build.diff + elfutils-check-for-overflow-before-calling-malloc-to-uncompress-data.patch- Refreshed patch (from Fedora sources) + elfutils-portability.patch > elfutils-portability-0.161.patch- Add a lang subpackage
* Wed Oct 15 2014 Update homepage URL and improve RPM group classification