{"id":"MGASA-2014-0346","summary":"Updated sdcc packages fix a security vulnerability","details":"Integer overflow, leading to heap-buffer overflow by processing certain\nfile headers via bfd binary. (CVE-2012-3509)\n\nA nonfree package is also now available, which provides components that\ncannot be included in the core repository.\n\nIn addition, this update obsoletes sdcc2.9, which is old and probably has\nthe same security vulnerability.\n","modified":"2026-02-02T03:23:56.318619Z","published":"2014-08-22T10:58:14Z","related":["CVE-2012-3509"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0346.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13841"},{"type":"REPORT","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136230.html"}],"affected":[{"package":{"name":"sdcc","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/sdcc?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.0-6.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0346.json"}},{"package":{"name":"sdcc","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/sdcc?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.0-6.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0346.json"}},{"package":{"name":"sdcc","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/sdcc?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.0-6.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0346.json"}},{"package":{"name":"sdcc","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/sdcc?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.0-6.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0346.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}