+++ This bug was initially created as a clone of Bug #159894 +++
Integer overflow in the BFD library for binutils allows attackers to
execute arbitrary code via a crafted object file that specifies a large number
of section headers, leading to a heap-based buffer overflow.
I do not believe this issue has been fixed in FC4 yet.
It has been:
* Wed May 25 2005 Jakub Jelinek <firstname.lastname@example.org> 188.8.131.52.2.2-2
- bfd and readelf robustification (CAN-2005-1704, #158680)
There is still the crash of objdump -r resp. objdump -dr when an object
contains invalid relocation values I fixed this week, but I don't think
we need a security errata for each such a bug.
Updates for FC3 and FC4 released today.