SUSE-SU-2021:3593-1: moderate: Security update for binutils
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Nov 2 14:25:44 UTC 2021
SUSE Security Update: Security update for binutils
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:3593-1
Rating: moderate
References: #1126826 #1126829 #1126831 #1140126 #1142649
#1143609 #1153768 #1153770 #1157755 #1160254
#1160590 #1163333 #1163744 #1179036 #1179341
#1179898 #1179899 #1179900 #1179901 #1179902
#1179903 #1180451 #1180454 #1180461 #1181452
#1182252 #1183511 #1184620 #1184794 ECO-2373
PM-2767 SLE-18637 SLE-19618 SLE-21561 SLE-7464
SLE-7903
Cross-References: CVE-2019-12972 CVE-2019-14250 CVE-2019-14444
CVE-2019-17450 CVE-2019-17451 CVE-2019-9074
CVE-2019-9075 CVE-2019-9077 CVE-2020-16590
CVE-2020-16591 CVE-2020-16592 CVE-2020-16593
CVE-2020-16598 CVE-2020-16599 CVE-2020-35448
CVE-2020-35493 CVE-2020-35496 CVE-2020-35507
CVE-2021-20197 CVE-2021-20284 CVE-2021-3487
CVSS scores:
CVE-2019-12972 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-14250 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2019-14250 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2019-14444 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-14444 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-17450 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-17450 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-17451 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-17451 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-9074 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-9074 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-9075 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-9075 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-9077 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-9077 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2020-16590 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16590 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-16591 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16591 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16592 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16592 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16593 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16593 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16598 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16598 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16599 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-16599 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-35448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-35448 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2020-35493 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-35493 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-35496 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-35496 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-35507 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-35507 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-20197 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2021-20197 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2021-20284 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-20284 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3487 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3487 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE OpenStack Cloud Crowbar 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud 8
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server for SAP 12-SP4
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server 12-SP4-LTSS
SUSE Linux Enterprise Server 12-SP3-LTSS
SUSE Linux Enterprise Server 12-SP3-BCL
SUSE Linux Enterprise Server 12-SP2-BCL
HPE Helion Openstack 8
______________________________________________________________________________
An update that solves 21 vulnerabilities, contains 7
features and has 8 fixes is now available.
Description:
This update for binutils fixes the following issues:
Update to binutils 2.37:
* The GNU Binutils sources now requires a C99 compiler and library to
build.
* Support for the arm-symbianelf format has been removed.
* Support for Realm Management Extension (RME) for AArch64 has been added.
* A new linker option '-z report-relative-reloc' for x86 ELF targets has
been added to report dynamic relative relocations.
* A new linker option '-z start-stop-gc' has been added to disable special
treatment of __start_*/__stop_* references when
--gc-sections.
* A new linker options '-Bno-symbolic' has been added which will cancel
the '-Bsymbolic' and '-Bsymbolic-functions' options.
* The readelf tool has a new command line option which can be used to
specify how the numeric values of symbols are reported.
--sym-base=0|8|10|16 tells readelf to display the values in base 8, base
10 or base 16. A sym base of 0 represents the default action
of displaying values under 10000 in base 10 and values above that in
base 16.
* A new format has been added to the nm program. Specifying
'--format=just-symbols' (or just using -j) will tell the program to
only display symbol names and nothing else.
* A new command line option '--keep-section-symbols' has been added to
objcopy and strip. This stops the removal of unused section symbols
when the file is copied. Removing these symbols saves space, but
sometimes they are needed by other tools.
* The '--weaken', '--weaken-symbol' and '--weaken-symbols' options
supported by objcopy now make undefined symbols weak on targets that
support weak symbols.
* Readelf and objdump can now display and use the contents of .debug_sup
sections.
* Readelf and objdump will now follow links to separate debug info files
by default. This behaviour can be stopped via the use of the new '-wN'
or '--debug-dump=no-follow-links' options for readelf and the '-WN' or
'--dwarf=no-follow-links' options for objdump. Also the old behaviour
can be restored by the use of the '--enable-follow-debug-links=no'
configure time option.
The semantics of the =follow-links option have also been slightly
changed. When enabled, the option allows for the loading of symbol tables
and string tables from the separate files which can be used to enhance the
information displayed when dumping other sections, but it does not
automatically imply that information from the separate files should be
displayed.
If other debug section display options are also enabled (eg
'--debug-dump=info') then the contents of matching sections in both the
main file and the separate debuginfo file *will* be displayed. This is
because in most cases the debug section will only be present in one of the
files.
If however non-debug section display options are enabled (eg
'--sections') then the contents of matching parts of the separate
debuginfo file will *not* be displayed. This is because in most cases the
user probably only wanted to load the symbol information from the separate
debuginfo file. In order to change this behaviour a new command line
option --process-links can be used. This will allow di0pslay options to
applied to both the main file and any separate debuginfo files.
* Nm has a new command line option: '--quiet'. This suppresses "no
symbols" diagnostic.
Update to binutils 2.36:
New features in the Assembler:
General:
* When setting the link order attribute of ELF sections, it is now
possible to use a numeric section index instead of symbol name.
* Added a .nop directive to generate a single no-op instruction in a
target neutral manner. This instruction does have an effect on DWARF
line number generation, if that is active.
* Removed --reduce-memory-overheads and --hash-size as gas now uses
hash tables that can be expand and shrink automatically.
X86/x86_64:
* Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key Locker
instructions.
* Support non-absolute segment values for lcall and ljmp.
* Add {disp16} pseudo prefix to x86 assembler.
* Configure with --enable-x86-used-note by default for Linux/x86.
ARM/AArch64:
* Add support for Cortex-A78, Cortex-A78AE and Cortex-X1, Cortex-R82,
Neoverse V1, and Neoverse N2 cores.
* Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded
Trace Extension), TRBE (Trace Buffer Extension), CSRE (Call Stack Recorder
Extension) and BRBE (Branch Record Buffer Extension) system registers.
* Add support for Armv8-R and Armv8.7-A ISA extensions.
* Add support for DSB memory nXS barrier, WFET and WFIT instruction
for Armv8.7.
* Add support for +csre feature for -march. Add CSR PDEC instruction
for CSRE feature in AArch64.
* Add support for +flagm feature for -march in Armv8.4 AArch64.
* Add support for +ls64 feature for -march in Armv8.7 AArch64. Add
atomic 64-byte load/store instructions for this feature.
* Add support for +pauth (Pointer Authentication) feature for
-march in AArch64.
New features in the Linker:
* Add --error-handling-script=<NAME> command line option to allow a
helper script to be invoked when an undefined symbol or a missing
library is encountered. This option can be suppressed via the
configure time switch: --enable-error-handling-script=no.
* Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark
x86-64-{baseline|v[234]} ISA level as needed.
* Add -z unique-symbol to avoid duplicated local symbol names.
* The creation of PE format DLLs now defaults to using a more secure
set of DLL characteristics.
* The linker now deduplicates the types in .ctf sections. The new
command-line option --ctf-share-types describes how to do this: its
default value, share-unconflicted, produces the most compact
output.
* The linker now omits the "variable section" from .ctf sections by
default, saving space. This is almost certainly what you want
unless you are working on a project that has its own analogue of
symbol tables that are not reflected in the ELF symtabs.
New features in other binary tools:
* The ar tool's previously unused l modifier is now used for
specifying dependencies of a static library. The arguments of this
option (or --record-libdeps long form option) will be stored
verbatim in the __.LIBDEP member of the archive, which the linker
may read at link time.
* Readelf can now display the contents of LTO symbol table sections
when asked to do so via the --lto-syms command line
option.
* Readelf now accepts the -C command line option to enable the
demangling of symbol names. In addition the --demangle=<style>,
--no-demangle, --recurse-limit and --no-recurse-limit options are
also now availale.
Update to binutils 2.35.1:
* This is a point release over the previous 2.35 version, containing bug
fixes, and as an exception to the usual rule, one new feature. The new
feature is the support for a new directive in the assembler: ".nop".
This directive creates a single no-op instruction in whatever encoding
is correct for the target architecture. Unlike the .space or .fill this
is a real instruction, and it does affect the generation of DWARF line
number tables, should they be enabled.
Update to binutils 2.35:
* The assembler can now produce DWARF-5 format line number tables.
* Readelf now has a "lint" mode to enable extra checks of the files it is
processing.
* Readelf will now display "[...]" when it has to truncate a symbol name.
The old behaviour - of displaying as many characters as possible, up to
the 80 column limit - can be restored by the use of the
--silent-truncation
option.
* The linker can now produce a dependency file listing the inputs that it
has processed, much like the -M -MP option supported by the compiler.
Update to binutils 2.34:
* The disassembler (objdump --disassemble) now has an option to generate
ascii art thats show the arcs between that start and end points of
control flow instructions.
* The binutils tools now have support for debuginfod. Debuginfod is a
HTTP service for distributing ELF/DWARF debugging information as well as
source code. The tools can now connect to debuginfod servers in order
to download debug information about the files that they are processing.
* The assembler and linker now support the generation of ELF format files
for the Z80 architecture.
Update to binutils 2.33.1:
* Adds support for the Arm Scalable Vector Extension version 2 (SVE2)
instructions, the Arm Transactional Memory Extension (TME) instructions
and the Armv8.1-M Mainline and M-profile Vector Extension (MVE)
instructions.
* Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P
processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,
Cortex-A76AE, and Cortex-A77 processors.
* Adds a .float16 directive for both Arm and AArch64 to allow encoding of
16-bit floating point literals.
* For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3
LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no] configure
time option to set the default behavior. Set the default if the
configure option is not used to "no".
* The Cortex-A53 Erratum 843419 workaround now supports a choice of which
workaround to use. The option --fix-cortex-a53-843419 now takes an
optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can be
used to force a particular workaround to be used. See --help for AArch64
for more details.
* Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and
GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the
AArch64 ELF linker.
* Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI
on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI
on inputs and use PLTs protected with BTI.
* Add -z pac-plt for AArch64 to pick PAC enabled PLTs.
* Add --source-comment[=<txt>] option to objdump which if present,
provides a prefix to source code lines displayed in a disassembly.
* Add --set-section-alignment <section-name>=<power-of-2-align>
option to objcopy to allow the changing of section alignments.
* Add --verilog-data-width option to objcopy for verilog targets to
control width of data elements in verilog hex format.
* The separate debug info file options of readelf (--debug-dump=links and
--debug-dump=follow) and objdump (--dwarf=links and
--dwarf=follow-links) will now display and/or follow multiple links if
more than one are present in a file. (This usually happens when gcc's
-gsplit-dwarf option is used). In addition objdump's
--dwarf=follow-links now also affects its
other display options, so that for example, when combined with
--syms it will cause the symbol tables in any linked debug info files to
also be displayed. In addition when combined with
--disassemble the --dwarf= follow-links option will ensure that any
symbol tables in the linked files are read and used when disassembling
code in the main file.
* Add support for dumping types encoded in the Compact Type Format to
objdump and readelf.
The following security fixes are addressed by the update:
- CVE-2021-20197: Fixed a race condition which allows users to own
arbitrary files (bsc#1181452).
- CVE-2021-20284: Fixed a heap-based buffer overflow in
_bfd_elf_slurp_secondary_reloc_section in elf.c (bsc#1183511).
- CVE-2021-3487: Fixed a denial of service via excessive debug section
size causing excessive memory consumption in bfd's dwarf2.c
read_section() (bsc#1184620).
- CVE-2020-35448: Fixed a heap-based buffer over-read in
bfd_getl_signed_32() in libbfd.c (bsc#1184794).
- CVE-2020-16590: Fixed a double free vulnerability in
process_symbol_table() (bsc#1179898).
- CVE-2020-16591: Fixed an invalid read in process_symbol_table()
(bsc#1179899).
- CVE-2020-16592: Fixed an use-after-free in bfd_hash_lookup()
(bsc#1179900).
- CVE-2020-16593: Fixed a null pointer dereference in
scan_unit_for_symbols() (bsc#1179901).
- CVE-2020-16598: Fixed a null pointer dereference in
debug_get_real_type() (bsc#1179902).
- CVE-2020-16599: Fixed a null pointer dereference in
_bfd_elf_get_symbol_version_string() (bsc#1179903)
- CVE-2020-35493: Fixed heap-based buffer overflow in
bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF file
(bsc#1180451).
- CVE-2020-35496: Fixed multiple null pointer dereferences in bfd module
due to not checking return value of bfd_malloc (bsc#1180454).
- CVE-2020-35507: Fixed a null pointer dereference in
bfd_pef_parse_function_stubs() (bsc#1180461).
- CVE-2019-17451: Fixed an integer overflow leading to a SEGV in
_bfd_dwarf2_find_nearest_line() in dwarf2.c (bsc#1153768).
- CVE-2019-17450: Fixed a potential denial of service in
find_abstract_instance() in dwarf2.c (bsc#1153770).
- CVE-2019-9077: Fixed a heap-based buffer overflow in
process_mips_specific() in readelf.c via a malformed MIPS option section
(bsc#1126826).
- CVE-2019-9075: Fixed a heap-based buffer overflow in
_bfd_archive_64_bit_slurp_armap() in archive64.c (bsc#1126829).
- CVE-2019-9074: Fixed a out-of-bounds read leading to a SEGV in
bfd_getl32() in libbfd.c (bsc#1126831).
- CVE-2019-12972: Fixed a heap-based buffer over-read in _bfd_doprnt() in
bfd.c (bsc#1140126).
- CVE-2019-14444: Fixed an integer overflow apply_relocations() in
readelf.c (bsc#1143609).
- CVE-2019-14250: Fixed an integer overflow in simple_object_elf_match()
in simple-object-elf.c (bsc#1142649).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud Crowbar 9:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-3593=1
- SUSE OpenStack Cloud Crowbar 8:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-3593=1
- SUSE OpenStack Cloud 9:
zypper in -t patch SUSE-OpenStack-Cloud-9-2021-3593=1
- SUSE OpenStack Cloud 8:
zypper in -t patch SUSE-OpenStack-Cloud-8-2021-3593=1
- SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-3593=1
- SUSE Linux Enterprise Server for SAP 12-SP4:
zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-3593=1
- SUSE Linux Enterprise Server for SAP 12-SP3:
zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-3593=1
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-3593=1
- SUSE Linux Enterprise Server 12-SP4-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-3593=1
- SUSE Linux Enterprise Server 12-SP3-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-3593=1
- SUSE Linux Enterprise Server 12-SP3-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-3593=1
- SUSE Linux Enterprise Server 12-SP2-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-3593=1
- HPE Helion Openstack 8:
zypper in -t patch HPE-Helion-OpenStack-8-2021-3593=1
Package List:
- SUSE OpenStack Cloud Crowbar 9 (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE OpenStack Cloud Crowbar 8 (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE OpenStack Cloud 9 (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE OpenStack Cloud 8 (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
binutils-gold-2.37-9.39.1
binutils-gold-debuginfo-2.37-9.39.1
cross-ppc-binutils-2.37-9.39.1
cross-ppc-binutils-debuginfo-2.37-9.39.1
cross-ppc-binutils-debugsource-2.37-9.39.1
cross-spu-binutils-2.37-9.39.1
cross-spu-binutils-debuginfo-2.37-9.39.1
cross-spu-binutils-debugsource-2.37-9.39.1
- SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
- HPE Helion Openstack 8 (x86_64):
binutils-2.37-9.39.1
binutils-debuginfo-2.37-9.39.1
binutils-debugsource-2.37-9.39.1
binutils-devel-2.37-9.39.1
libctf-nobfd0-2.37-9.39.1
libctf-nobfd0-debuginfo-2.37-9.39.1
libctf0-2.37-9.39.1
libctf0-debuginfo-2.37-9.39.1
References:
https://www.suse.com/security/cve/CVE-2019-12972.html
https://www.suse.com/security/cve/CVE-2019-14250.html
https://www.suse.com/security/cve/CVE-2019-14444.html
https://www.suse.com/security/cve/CVE-2019-17450.html
https://www.suse.com/security/cve/CVE-2019-17451.html
https://www.suse.com/security/cve/CVE-2019-9074.html
https://www.suse.com/security/cve/CVE-2019-9075.html
https://www.suse.com/security/cve/CVE-2019-9077.html
https://www.suse.com/security/cve/CVE-2020-16590.html
https://www.suse.com/security/cve/CVE-2020-16591.html
https://www.suse.com/security/cve/CVE-2020-16592.html
https://www.suse.com/security/cve/CVE-2020-16593.html
https://www.suse.com/security/cve/CVE-2020-16598.html
https://www.suse.com/security/cve/CVE-2020-16599.html
https://www.suse.com/security/cve/CVE-2020-35448.html
https://www.suse.com/security/cve/CVE-2020-35493.html
https://www.suse.com/security/cve/CVE-2020-35496.html
https://www.suse.com/security/cve/CVE-2020-35507.html
https://www.suse.com/security/cve/CVE-2021-20197.html
https://www.suse.com/security/cve/CVE-2021-20284.html
https://www.suse.com/security/cve/CVE-2021-3487.html
https://bugzilla.suse.com/1126826
https://bugzilla.suse.com/1126829
https://bugzilla.suse.com/1126831
https://bugzilla.suse.com/1140126
https://bugzilla.suse.com/1142649
https://bugzilla.suse.com/1143609
https://bugzilla.suse.com/1153768
https://bugzilla.suse.com/1153770
https://bugzilla.suse.com/1157755
https://bugzilla.suse.com/1160254
https://bugzilla.suse.com/1160590
https://bugzilla.suse.com/1163333
https://bugzilla.suse.com/1163744
https://bugzilla.suse.com/1179036
https://bugzilla.suse.com/1179341
https://bugzilla.suse.com/1179898
https://bugzilla.suse.com/1179899
https://bugzilla.suse.com/1179900
https://bugzilla.suse.com/1179901
https://bugzilla.suse.com/1179902
https://bugzilla.suse.com/1179903
https://bugzilla.suse.com/1180451
https://bugzilla.suse.com/1180454
https://bugzilla.suse.com/1180461
https://bugzilla.suse.com/1181452
https://bugzilla.suse.com/1182252
https://bugzilla.suse.com/1183511
https://bugzilla.suse.com/1184620
https://bugzilla.suse.com/1184794
More information about the sle-updates
mailing list