commit | 8ec0540f69fed9c066494501949de6a35d97d1a1 | [log] [tgz] |
---|---|---|
author | Scott Haiden <scotthaiden@google.com> | Fri Feb 10 15:58:41 2023 -0800 |
committer | Scott Haiden <scotthaiden@google.com> | Tue Feb 21 20:18:03 2023 +0000 |
tree | 0feae68a9d1d21cde790006f9a52a9afe6d011be | |
parent | cfcd80c73baa8be6be459f8acb7f9a07b0d158ea [diff] |
LAKITU: sys-devel/binutils: patch to fix CVE-2022-4285 - This changeset comes from version binutils version 2.40 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70 - Fixed: ``` (root@gmec-vm-0fba0a6fd9b94837abb5f5bc31841bb0)-(11)-(10:45pm)-(~)-# curl -L https://sourceware.org/bugzilla/attachment.cgi?id=14404 -o poc (root@gmec-vm-0fba0a6fd9b94837abb5f5bc31841bb0)-(12)-(10:45pm)-(~)-# nm -aD poc nm: poc: .gnu.version_r invalid entry nm: poc: no symbols (root@gmec-vm-0fba0a6fd9b94837abb5f5bc31841bb0)-(13)-(10:45pm)-(~)-# ``` BUG=b/268351808 TEST=built and run the proof of concept from the CVE report. RELEASE_NOTE=None Change-Id: Ia32073db346fec6d9bf676db489381464e4c3d2f Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/chromiumos-overlay/+/42369 Reviewed-by: Alan Berryhill <berryhill@google.com> Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com> Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>