[UCI-Linux] [SECURITY] Fedora Core 3 Update: gdb-6.1post-1.20040607.43.0.1

Mike Iglesias iglesias at draco.acs.uci.edu
Thu Oct 27 10:27:13 PDT 2005

From: "Jeff Johnston" <jjohnstn at redhat.com>
To: fedora-announce-list at redhat.com
Date: Thu, 27 Oct 2005 13:10:51 -0400
Subject: [SECURITY] Fedora Core 3 Update: gdb-6.1post-1.20040607.43.0.1

Fedora Update Notification

Product     : Fedora Core 3
Name        : gdb
Version     : 6.1post                      
Release     : 1.20040607.43.0.1                  
Summary     : A GNU source-level debugger for C, C++ and other languages.
Description :
GDB, the GNU debugger, allows you to debug programs written in C, C++,
and other languages, by executing them in a controlled fashion and
printing their data.

Update Information:

This is an fc3 update for gdb regarding security issues:

CAN-2005-1704 Integer Overflow in gdb

  This problem is that gdb's internal copy of bfd
  does not protect against heap-based overflow.

CAN-2005-1705 gdb arbitrary command execution

  This problem allows unprotected .gdbinit files
  to execute arbitrary commands during gdb startup.

Fixes for both problems are found in:


* Tue Oct  4 2005 Jeff Johnston	<jjohnstn at redhat.com>	1.200400607.43.0.1
- Security errata to handle untrusted .gdbinit and bfd integer overflow.
- Bugzilla 158683 and bugzilla 158686

This update can be downloaded from:

b8b1221e0bee3f36f56d97a5a14f967e  SRPMS/gdb-6.1post-1.20040607.43.0.1.src.rpm
5888949940a560c9ba95df6e06d844c1  x86_64/gdb-6.1post-1.20040607.43.0.1.x86_64.rpm
503a943143b7d0493f138db9d3884829  x86_64/debug/gdb-debuginfo-6.1post-1.20040607.43.0.1.x86_64.rpm
1c0c3d31110fef65ebde55bc1c77bde1  i386/gdb-6.1post-1.20040607.43.0.1.i386.rpm
36c25e23d587ebf23099e4bf300e8ae2  i386/debug/gdb-debuginfo-6.1post-1.20040607.43.0.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list