Skip to content

1.65.0
Compare
Choose a tag to compare
@cf-buildpacks-eng cf-buildpacks-eng released this 15 Jan 17:58
· 91 commits to main since this release
1.65.0
0ec340f

Notably, this release addresses:

USN-6581-1 USN-6581-1: GNU binutils vulnerabilities:

  • CVE-2022-45703: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
  • CVE-2022-47011: An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
  • CVE-2022-47008: An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
  • CVE-2022-47011: An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
  • CVE-2022-47007: An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
  • CVE-2022-47010: An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
  • CVE-2022-45703: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
  • CVE-2022-44840: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
-ii  binutils                  2.38-4ubuntu2.4  amd64  GNU assembler, linker and binary utilities
-ii  binutils-common:amd64     2.38-4ubuntu2.4  amd64  Common files for the GNU assembler, linker and binary utilities
-ii  binutils-x86-64-linux-gnu 2.38-4ubuntu2.4  amd64  GNU binary utilities, for x86-64-linux-gnu target
+ii  binutils                  2.38-4ubuntu2.5  amd64  GNU assembler, linker and binary utilities
+ii  binutils-common:amd64     2.38-4ubuntu2.5  amd64  Common files for the GNU assembler, linker and binary utilities
+ii  binutils-x86-64-linux-gnu 2.38-4ubuntu2.5  amd64  GNU binary utilities, for x86-64-linux-gnu target
-ii  libbinutils:amd64         2.38-4ubuntu2.4  amd64  GNU binary utilities (private shared library)
+ii  libbinutils:amd64         2.38-4ubuntu2.5  amd64  GNU binary utilities (private shared library)
-ii  libctf-nobfd0:amd64       2.38-4ubuntu2.4  amd64  Compact C Type Format library (runtime, no BFD dependency)
-ii  libctf0:amd64             2.38-4ubuntu2.4  amd64  Compact C Type Format library (runtime, BFD dependency)
+ii  libctf-nobfd0:amd64       2.38-4ubuntu2.5  amd64  Compact C Type Format library (runtime, no BFD dependency)
+ii  libctf0:amd64             2.38-4ubuntu2.5  amd64  Compact C Type Format library (runtime, BFD dependency)
Assets 3
Loading