elfutils: Multiple vulnerabilities Multiple vulnerabilities have been found in elfutils, the worst of which may allow remote attackers to cause a Denial of Service condition. elfutils 2017-10-13 2017-10-13 614002 614004 618004 remote 0.169-r1 0.169-r1

Elfutils provides a library and utilities to access, modify and analyse ELF objects.

Multiple vulnerabilities have been discovered in elfutils. Please review the referenced CVE identifiers for details.

A remote attacker could possibly cause a Denial of Service condition via specially crafted ELF files.

There is no known workaround at this time.

All elfutils users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/elfutils-0.169-r1"

Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.

CVE-2016-10254 CVE-2016-10255 CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 b-man chrisadr