[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2016-6131 binutils, gdb, valgrind etc.

Brian May <bam@debian.org> writes:

> I have a build of binutils for all pending CVEs except CVE-2016-4491,

My suspicion is that the wheezy version is vulnerable to CVE-2016-4491.

However in more recent versions d_print_comp has been split up into two
functions: d_print_comp which calls d_print_comp_inner that does the
bulk of the work.

The patch applies to the outer d_print_comp function.

In wheezy, there is only one function, which looks more like the inner
function. As there is no equivalent of the outer function, the patch
will not apply with out changes.
Brian May <bam@debian.org>

Reply to: