nasm 2.11.08-1ubuntu0.1 source package in Ubuntu
Changelog
nasm (2.11.08-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: code execution via heap use-after-free - debian/patches/CVE-2017-10686-1.patch: don't call free_mmacro in preproc.c. - debian/patches/CVE-2017-10686-2.patch: free token's text if only it has been modified in preproc.c. - CVE-2017-10686 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2017-11111.patch: only concat tok->text if we accounted for its size in preproc.c. - CVE-2017-11111 * SECURITY UPDATE: NULL pointer dereference in paste_tokens - debian/patches/CVE-2017-14228.patch: check length in preproc.c. - CVE-2017-14228 * SECURITY UPDATE: DoS via macro calls with wrong number of arguments - debian/patches/CVE-2017-17810.patch: check arguments in preproc.c. - CVE-2017-17810 * SECURITY UPDATE: DoS via heap over-read - debian/patches/CVE-2017-17812.patch: check for data to process in preproc.c. - CVE-2017-17812 * SECURITY UPDATE: DoS via missing check - debian/patches/CVE-2017-17815.patch: don't leave nparam_max less than nparam_min in preproc.c. - CVE-2017-17815 * SECURITY UPDATE: DoS via incorrect validation - debian/patches/CVE-2017-17819.patch: check for NULL pointer in preproc.c. - CVE-2017-17819 * SECURITY UPDATE: heap-based overread - debian/patches/CVE-2018-8881.patch: handle unterminated strings in preproc.c. - CVE-2018-8881 * The above patches also fix the following CVEs: - CVE-2017-17811 - CVE-2017-17813 - CVE-2017-17814 - CVE-2017-17816 - CVE-2017-17817 - CVE-2017-17818 - CVE-2017-17820 -- Marc Deslauriers <email address hidden> Thu, 28 Jun 2018 09:11:21 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Xenial | updates | universe | devel | |
Xenial | security | universe | devel |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
nasm_2.11.08.orig.tar.xz | 746.9 KiB | c99467c7072211c550d147640d8a1a0aa4d636d4d8cf849f3bf4317d900a1f7f |
nasm_2.11.08-1ubuntu0.1.debian.tar.xz | 17.5 KiB | edabb000cf5897f130d65efda9d872e618b428f943d89a06c346c24b96a6c541 |
nasm_2.11.08-1ubuntu0.1.dsc | 1.8 KiB | f890d5795f11038731a40ce569ab51ce491f3d3de93534854c25b75345148492 |
Available diffs
Binary packages built by this source
- nasm: General-purpose x86 assembler
Netwide Assembler. NASM will currently output flat-form binary files,
a.out, COFF and ELF Unix object files, and Microsoft 16-bit DOS and
Win32 object files.
.
Also included is NDISASM, a prototype x86 binary-file disassembler
which uses the same instruction table as NASM.
.
NASM is released under the GNU Lesser General Public License (LGPL).
- nasm-dbgsym: debug symbols for package nasm
Netwide Assembler. NASM will currently output flat-form binary files,
a.out, COFF and ELF Unix object files, and Microsoft 16-bit DOS and
Win32 object files.
.
Also included is NDISASM, a prototype x86 binary-file disassembler
which uses the same instruction table as NASM.
.
NASM is released under the GNU Lesser General Public License (LGPL).