[Bug 200888] CVE-2012-3509 libiberty: integer overflow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jun 15 22:11:49 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200888
Bug ID: 200888
Summary: CVE-2012-3509 libiberty: integer overflow
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: gnu
Assignee: freebsd-bugs at FreeBSD.org
Reporter: pfg at FreeBSD.org
Created attachment 157772
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157772&action=edit
fix from OpenBSD
CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by
processing certain file headers via bfd binary.
I stopped using gcc a while ago so I have no idea how useful/important this may
be.
OpenBSD has applied the following change:
http://freshbsd.org/commit/openbsd/c507578c3b16e773f91845211533295791f6b94d
I have translated it to the attached patch.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list