Operating System:

[SUSE]

Published:

24 March 2022


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.1239
                       Security update for binutils
                               24 March 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           binutils
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-20294 CVE-2021-20284 CVE-2021-20197
                   CVE-2021-3487 CVE-2020-35507 CVE-2020-35496
                   CVE-2020-35493 CVE-2020-35448 CVE-2020-16599
                   CVE-2020-16598 CVE-2020-16593 CVE-2020-16592
                   CVE-2020-16591 CVE-2020-16590 

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2022/suse-su-20220934-1

Comment: CVSS (Max):  7.0 CVE-2021-20294 (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for binutils

______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:0934-1
Rating:            moderate
References:        #1179898 #1179899 #1179900 #1179901 #1179902 #1179903
                   #1180451 #1180454 #1180461 #1181452 #1182252 #1183511
                   #1183909 #1184519 #1184620 #1184794 #1188941 #1191473
                   #1192267
Cross-References:  CVE-2020-16590 CVE-2020-16591 CVE-2020-16592 CVE-2020-16593
                   CVE-2020-16598 CVE-2020-16599 CVE-2020-35448 CVE-2020-35493
                   CVE-2020-35496 CVE-2020-35507 CVE-2021-20197 CVE-2021-20284
                   CVE-2021-20294 CVE-2021-3487
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise Server 15-LTSS
                   SUSE Linux Enterprise Server for SAP 15
______________________________________________________________________________

An update that solves 14 vulnerabilities, contains four features and has 5
fixes is now available.

Description:


This update for binutils fixes the following issues:

  o For compatibility with old code streams that expect 'brcl 0,label' not to
    be disassembled as 'jgnop label' on s390x, the IBM zSeries HLASM support is
    reverted for now (bsc#1192267).
  o Fixed that ppc64 optflags did not enable LTO (bsc#1188941).
  o Fixed empty man pages caused by a broken release tarball.
  o Fixed a memory corruption with the rpath option (bsc#1191473).
  o Fixed slow performance when stripping some binaries (bsc#1183909).

Update to binutils 2.37:

  o The GNU Binutils sources now require a C99 compiler and library to build.
  o Support for Realm Management Extension (RME) for AArch64 has been added.
  o A new linker option '-z report-relative-reloc' for x86 ELF targets has been
    added to report dynamic relative relocations.
  o A new linker option '-z start-stop-gc' has been added to disable the special
    treatment of __start_*/__stop_* references when --gc-sections is in effect.
  o A new linker option '-Bno-symbolic' has been added which cancels the
    '-Bsymbolic' and '-Bsymbolic-functions' options.
  o The readelf tool has a new command line option which can be used to specify
    how the numeric values of symbols are reported. --sym-base=0|8|10|16 tells
    readelf to display the values in base 8, base 10 or base 16. A sym base of
    0 represents the default action of displaying values under 10000 in base 10
    and values above that in base 16.
  o A new format has been added to the nm program. Specifying
    '--format=just-symbols' (or just using -j) will tell the program to only
    display symbol names and nothing else.
  o A new command line option '--keep-section-symbols' has been added to
    objcopy and strip. This stops the removal of unused section symbols when
    the file is copied. Removing these symbols saves space, but sometimes they
    are needed by other tools.
  o The '--weaken', '--weaken-symbol' and '--weaken-symbols' options supported
    by objcopy now make undefined symbols weak on targets that support weak
    symbols.
  o Readelf and objdump can now display and use the contents of .debug_sup
    sections.
  o Readelf and objdump will now follow links to separate debug info files by
    default. This behaviour can be stopped via the use of the new '-wN' or
    '--debug-dump=no-follow-links' options for readelf and the '-WN' or
    '--dwarf=no-follow-links' options for objdump. Also the old behaviour can
    be restored by the use of the '--enable-follow-debug-links=no' configure
    time option.


The semantics of the =follow-links option have also been slightly changed. When
enabled, the option allows for the loading of symbol tables and string tables
from the separate files which can be used to enhance the information displayed
when dumping other sections, but it does not automatically imply that
information from the separate files should be displayed.
If other debug section display options are also enabled (eg '--debug-dump=info')
then the contents of matching sections in both the main file and the separate
debuginfo file *will* be displayed. This is because in most cases the debug
section will only be present in one of the files.
If however non-debug section display options are enabled (eg '--sections') then
the contents of matching parts of the separate debuginfo file will *not* be
displayed. This is because in most cases the user probably only wanted to load
the symbol information from the separate debuginfo file. In order to change
this behaviour a new command line option --process-links can be used. This
allows display options to be applied to both the main file and any separate
debuginfo files.

  o Nm has a new command line option: '--quiet'. This suppresses the "no
    symbols" diagnostic.


Update to binutils 2.36:
New features in the Assembler:

  o General:

    * When setting the link order attribute of ELF sections, it is now possible
      to use a numeric section index instead of a symbol name.
    * Added a .nop directive to generate a single no-op instruction in a target
      neutral manner. This instruction does have an effect on DWARF line number
      generation, if that is active.
    * Removed --reduce-memory-overheads and --hash-size as gas now uses hash
      tables that can expand and shrink automatically.

  o X86/x86_64:

    * Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key Locker
      instructions.
    * Support non-absolute segment values for lcall and ljmp.
    * Add {disp16} pseudo prefix to x86 assembler.
    * Configure with --enable-x86-used-note by default for Linux/x86.

  o ARM/AArch64:

    * Add support for Cortex-A78, Cortex-A78AE and Cortex-X1, Cortex-R82,
      Neoverse V1, and Neoverse N2 cores.
    * Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded Trace
      Extension), TRBE (Trace Buffer Extension), CSRE (Call Stack Recorder
      Extension) and BRBE (Branch Record Buffer Extension) system registers.
    * Add support for Armv8-R and Armv8.7-A ISA extensions.
    * Add support for DSB memory nXS barrier, WFET and WFIT instruction for
      Armv8.7.
    * Add support for +csre feature for -march. Add CSR PDEC instruction for
      CSRE feature in AArch64.
    * Add support for +flagm feature for -march in Armv8.4 AArch64.
    * Add support for +ls64 feature for -march in Armv8.7 AArch64. Add atomic
      64-byte load/store instructions for this feature.
    * Add support for +pauth (Pointer Authentication) feature for -march in
      AArch64.
New features in the Linker:

    * Add --error-handling-script= command line option to allow a helper script
      to be invoked when an undefined symbol or a missing library is
      encountered. This option can be suppressed via the configure time switch
      --enable-error-handling-script=no.
    * Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark
      x86-64-{baseline|v[234]} ISA level as needed.
    * Add -z unique-symbol to avoid duplicated local symbol names.
    * The creation of PE format DLLs now defaults to using a more secure set of
      DLL characteristics.
    * The linker now deduplicates the types in .ctf sections. The new
      command-line option --ctf-share-types describes how to do this: its
      default value, share-unconflicted, produces the most compact output.
    * The linker now omits the "variable section" from .ctf sections by
      default, saving space. This is almost certainly what you want unless you
      are working on a project that has its own analogue of symbol tables that
      are not reflected in the ELF symtabs.
New features in other binary tools:

    * The ar tool's previously unused l modifier is now used for specifying
      dependencies of a static library. The arguments of this option (or the
      --record-libdeps long form option) will be stored verbatim in the
      __.LIBDEP member of the archive, which the linker may read at link time.
    * Readelf can now display the contents of LTO symbol table sections when
      asked to do so via the --lto-syms command line option.
    * Readelf now accepts the -C command line option to enable the demangling
      of symbol names. In addition the --demangle=

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----