Security update for gdb
| Announcement ID: | SUSE-SU-2019:2902-1 |
|---|---|
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability, contains one feature and has two security fixes can now be installed.
Description:
This update for gdb fixes the following issues:
Update to gdb 8.3.1: (jsc#ECO-368)
Security issues fixed:
- CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. (bsc#1142772)
Upgrade libipt from v2.0 to v2.0.1.
- Enable librpm for version > librpm.so.3 [bsc#1145692]:
- Allow any librpm.so.x
-
Add %build test to check for "zypper install <rpm-packagename>" message
-
Copy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python, and use it for --without=python.
Rebase to 8.3 release (as in fedora 30 @ 1e222a3).
- DWARF index cache: GDB can now automatically save indices of DWARF symbols on disk to speed up further loading of the same binaries.
- Ada task switching is now supported on aarch64-elf targets when debugging a program using the Ravenscar Profile.
- Terminal styling is now available for the CLI and the TUI.
- Removed support for old demangling styles arm, edg, gnu, hp and lucid.
-
Support for new native configuration RISC-V GNU/Linux (riscv--linux*).
-
Implemented access to more POWER8 registers. [fate#326120, fate#325178]
- Handle most of new s390 arch13 instructions. [fate#327369, jsc#ECO-368]
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Development Tools Module 15
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-2902=1
Package List:
-
Development Tools Module 15 (aarch64 ppc64le s390x x86_64)
- gdbserver-8.3.1-3.13.1
- gdb-8.3.1-3.13.1
- gdb-debugsource-8.3.1-3.13.1
- gdbserver-debuginfo-8.3.1-3.13.1
- gdb-debuginfo-8.3.1-3.13.1