{"affected":[{"ecosystem_specific":{"binaries":[{"binutils":"2.35.1-6.15.1","binutils-devel":"2.35.1-6.15.1","binutils-devel-32bit":"2.35.1-6.15.1","libctf-nobfd0":"2.35.1-6.15.1","libctf0":"2.35.1-6.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-ESPOS","name":"binutils","purl":"pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.35.1-6.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"binutils":"2.35.1-6.15.1","binutils-devel":"2.35.1-6.15.1","binutils-devel-32bit":"2.35.1-6.15.1","libctf-nobfd0":"2.35.1-6.15.1","libctf0":"2.35.1-6.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15-LTSS","name":"binutils","purl":"pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.35.1-6.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"binutils":"2.35.1-6.15.1","binutils-devel":"2.35.1-6.15.1","binutils-devel-32bit":"2.35.1-6.15.1","libctf-nobfd0":"2.35.1-6.15.1","libctf0":"2.35.1-6.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15-LTSS","name":"binutils","purl":"pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.35.1-6.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"binutils":"2.35.1-6.15.1","binutils-devel":"2.35.1-6.15.1","binutils-devel-32bit":"2.35.1-6.15.1","libctf-nobfd0":"2.35.1-6.15.1","libctf0":"2.35.1-6.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15","name":"binutils","purl":"pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.35.1-6.15.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for binutils fixes the following issues:\n\nbinutils was updated to version 2.35.1 (jsc#ECO-2373)\n\nAdditional branch fixes applied on top of 2.35.1:\n\n* Fixes PR26520, aka [bsc#1179036], a problem in addr2line with\n  certain DWARF variable descriptions.\n* Also fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878,\n  PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869,\n  PR26711 \n* The above includes fixes for dwo files produced by modern dwp,\n  fixing several problems in the DWARF reader.\n\nUpdate to binutils 2.35.1 and rebased branch diff:\n\n* This is a point release over the previous 2.35 version, containing bug\n  fixes, and as an exception to the usual rule, one new feature.  The\n  new feature is the support for a new directive in the assembler:\n  '.nop'.  This directive creates a single no-op instruction in whatever\n  encoding is correct for the target architecture.  Unlike the .space or\n  .fill this is a real instruction, and it does affect the generation of\n  DWARF line number tables, should they be enabled.\n\nUpdate to binutils 2.35:\n\n* The assembler can now produce DWARF-5 format line number tables.\n* Readelf now has a 'lint' mode to enable extra checks of the files it is processing.\n* Readelf will now display '[...]' when it has to truncate a symbol name.  \n  The old behaviour - of displaying as many characters as possible, up to\n  the 80 column limit - can be restored by the use of the --silent-truncation\n  option.\n* The linker can now produce a dependency file listing the inputs that it\n  has processed, much like the -M -MP option supported by the compiler.\n\n- fix DT_NEEDED order with -flto [bsc#1163744]\n\n\nUpdate to binutils 2.34:\n\n* The disassembler (objdump --disassemble) now has an option to\n  generate ascii art thats show the arcs between that start and end\n  points of control flow instructions.\n* The binutils tools now have support for debuginfod.  Debuginfod is a \n  HTTP service for distributing ELF/DWARF debugging information as\n  well as source code.  The tools can now connect to debuginfod\n  servers in order to download debug information about the files that\n  they are processing.\n* The assembler and linker now support the generation of ELF format\n  files for the Z80 architecture.\n\n- Add new subpackages for libctf and libctf-nobfd.\n- Disable LTO due to bsc#1163333.\n- Includes fixes for these CVEs:\n  bsc#1153768 aka CVE-2019-17451 aka PR25070\n  bsc#1153770 aka CVE-2019-17450 aka PR25078\n\n- fix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1:\n\n* Adds support for the Arm Scalable Vector Extension version 2\n  (SVE2) instructions, the Arm Transactional Memory Extension (TME)\n  instructions and the Armv8.1-M Mainline and M-profile Vector\n  Extension (MVE) instructions.\n* Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P\n  processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,\n  Cortex-A76AE, and Cortex-A77 processors.\n* Adds a .float16 directive for both Arm and AArch64 to allow\n  encoding of 16-bit floating point literals.\n* For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)\n  Loongson3 LLSC Errata.  Add a --enable-mips-fix-loongson3-llsc=[yes|no]\n  configure time option to set the default behavior. Set the default\n  if the configure option is not used to 'no'.\n* The Cortex-A53 Erratum 843419 workaround now supports a choice of\n  which workaround to use.  The option --fix-cortex-a53-843419 now\n  takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp]\n  which can be used to force a particular workaround to be used.\n  See --help for AArch64 for more details.\n* Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\n  GNU_PROPERTY_AARCH64_FEATURE_1_PAC  in ELF GNU program properties\n  in the AArch64 ELF linker. \n* Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI\n  on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI \n  on inputs and use PLTs protected with BTI.\n* Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n* Add --source-comment[=<txt>] option to objdump which if present,\n  provides a prefix to source code lines displayed in a disassembly.\n* Add --set-section-alignment <section-name>=<power-of-2-align>\n  option to objcopy to allow the changing of section alignments.\n* Add --verilog-data-width option to objcopy for verilog targets to\n  control width of data elements in verilog hex format.\n* The separate debug info file options of readelf (--debug-dump=links\n  and --debug-dump=follow) and objdump (--dwarf=links and\n  --dwarf=follow-links) will now display and/or follow multiple\n  links if more than one are present in a file.  (This usually\n  happens when gcc's -gsplit-dwarf option is used).\n  In addition objdump's --dwarf=follow-links now also affects its\n  other display options, so that for example, when combined with\n  --syms it will cause the symbol tables in any linked debug info\n  files to also be displayed.  In addition when combined with\n  --disassemble the --dwarf= follow-links option will ensure that\n  any symbol tables in the linked files are read and used when\n  disassembling code in the main file.\n* Add support for dumping types encoded in the Compact Type Format\n  to objdump and readelf.\n- Includes fixes for these CVEs:\n  bsc#1126826 aka CVE-2019-9077 aka PR1126826\n  bsc#1126829 aka CVE-2019-9075 aka PR1126829\n  bsc#1126831 aka CVE-2019-9074 aka PR24235\n  bsc#1140126 aka CVE-2019-12972 aka PR23405\n  bsc#1143609 aka CVE-2019-14444 aka PR24829\n  bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n* Add xBPF target\n* Fix various problems with DWARF 5 support in gas\n* fix nm -B for objects compiled with -flto and -fcommon.\n\n  ","id":"SUSE-SU-2020:3552-1","modified":"2020-11-27T17:11:51Z","published":"2020-11-27T17:11:51Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20203552-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1126826"},{"type":"REPORT","url":"https://bugzilla.suse.com/1126829"},{"type":"REPORT","url":"https://bugzilla.suse.com/1126831"},{"type":"REPORT","url":"https://bugzilla.suse.com/1140126"},{"type":"REPORT","url":"https://bugzilla.suse.com/1142649"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143609"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153768"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153770"},{"type":"REPORT","url":"https://bugzilla.suse.com/1157755"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160254"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160590"},{"type":"REPORT","url":"https://bugzilla.suse.com/1163333"},{"type":"REPORT","url":"https://bugzilla.suse.com/1163744"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179036"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-12972"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-14250"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-14444"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17450"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17451"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9074"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9075"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9077"}],"related":["CVE-2019-12972","CVE-2019-14250","CVE-2019-14444","CVE-2019-17450","CVE-2019-17451","CVE-2019-9074","CVE-2019-9075","CVE-2019-9077"],"summary":"Security update for binutils","upstream":["CVE-2019-12972","CVE-2019-14250","CVE-2019-14444","CVE-2019-17450","CVE-2019-17451","CVE-2019-9074","CVE-2019-9075","CVE-2019-9077"]}