+++ This bug was initially created as a clone of Bug #159894 +++ Integer overflow in the BFD library for binutils allows attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
I do not believe this issue has been fixed in FC4 yet.
It has been: * Wed May 25 2005 Jakub Jelinek <jakub> 2.15.94.0.2.2-2 - bfd and readelf robustification (CAN-2005-1704, #158680) There is still the crash of objdump -r resp. objdump -dr when an object contains invalid relocation values I fixed this week, but I don't think we need a security errata for each such a bug.
Updates for FC3 and FC4 released today.