Red Hat Bugzilla – Bug 877012
CVE-2012-3509 binutils: in bundled libiberty [fedora-rawhide]
Last modified: 2013-07-01 12:09:19 EDT
This package bundles libiberty, and may need to be patched based on the patch referenced in 860769.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.
(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)
More information and reason for this action is here:
This was fixed for F19 by this patch:
2012-09-18 Florian Weimer <firstname.lastname@example.org>
* objalloc.c (_objalloc_alloc): Add overflow check covering
alignment and CHUNK_HEADER_SIZE addition.