- New upstream version 2.13.02:
* Fix generation of PEXTRW instruction.
* Fix smartalign package which could trigger an error during
optimization if the alignment code expanded too much due to
optimization of the previous code.
* Fix a case where negative value in TIMES directive causes
panic instead of an error.
* Fix the incorrect generation of VEX-encoded instruction
when static mode decorators are specified on scalar instructions,
losing the decorators as they require EVEX encoding.
* Fix generation of dependency lists.
* Fixes macro calls that have the wrong number of arguments
(bsc#1073796, CVE-2017-17810)
* Fixes Heap-based buffer overflow allows related to a strcpy
in paste_tokens (bsc#1073798, CVE-2017-17811)
* Fixes Heap-based buffer over-read in the function detoken()
(bsc#1073799, CVE-2017-17812)
* Fixes Use-after-free in the pp_list_one_macro function
(bsc#1073803, CVE-2017-17813)
* Fixes Use-after-free in do_directive
(bsc#1073808, CVE-2017-17814)
* Fixes Illegal address access in is_mmacro()
(bsc#1073818, CVE-2017-17815)
* Fixes Use-after-free in pp_getline
(bsc#1073823, CVE-2017-17816)
* Fixes Use-after-free in pp_verror
(bsc#1073829, CVE-2017-17817)
* Fixes Heap-based buffer over-read related to a while loop in
paste_tokens (bsc#1073830, CVE-2017-17818)
* Fixes Illegal address access in the function find_cc
(bsc#1073832, CVE-2017-17819)
* Fixes Use-after-free in pp_list_one_macro
(bsc#1073846, CVE-2017-17820)
* Fixes illegal address access in thefunction paste_tokens()
(bsc#1058013, CVE-2017-14228)
- memory_fixes.patch: changes upstreamed and removed.
OBS-URL: https://build.opensuse.org/request/show/569247
OBS-URL: https://build.opensuse.org/package/show/devel:tools:compiler/nasm?expand=0&rev=34
0059ea0f8b