[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Testing needed for binutils security update

On 2014-12-23 00:38, Luciano Bello wrote:
I have been trying to fix the multiple security issues that binutils has
pending[1] for wheezy/stable. It have been quite complicated and the patch
affects many elements of the code. I would like to avoid regression as much as

Please, take a look to it [2] (compiled for amd64) and report success or errors
to team@security.debian.org

[1] https://security-tracker.debian.org/tracker/source-package/binutils
[2] https://people.debian.org/~luciano/binutils_2.22-8+deb7u1/

CVEs were assigned only to a small number of issues so far and I'm not sure it's worth it to fix them without fixing others. Or did you fix others too? You can find more issues and fixes in two upstream bugs:


and the process is not over, new issues are still being found and fixed.

Sorry if it's not easy to track. I'd like to make it easier for Debian. Any feedback on the process is welcome.

BTW, the situation with elfutils is somewhat similar, the bug report is here:


Alexander Cherepanov

Reply to: