diff --git a/SOURCES/binutils-2.27-add-globalaudit-support.patch b/SOURCES/binutils-2.27-add-globalaudit-support.patch
new file mode 100644
index 0000000..3eb29b8
--- /dev/null
+++ b/SOURCES/binutils-2.27-add-globalaudit-support.patch
@@ -0,0 +1,67 @@
+diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em
+index 9ac1840316..748f56b844 100644
+--- a/ld/emultempl/elf32.em
++++ b/ld/emultempl/elf32.em
+@@ -2676,6 +2676,10 @@ fragment <<EOF
+ link_info.noexecstack = TRUE;
+ link_info.execstack = FALSE;
+ }
++ else if (strcmp (optarg, "globalaudit") == 0)
++ {
++ link_info.flags_1 |= DF_1_GLOBAUDIT;
++ }
+ EOF
+
+ if test x"$GENERATE_SHLIB_SCRIPT" = xyes; then
+diff --git a/ld/ld.texinfo b/ld/ld.texinfo
+index ebe7e7b7bd..bbfa9fd4f4 100644
+--- a/ld/ld.texinfo
++++ b/ld/ld.texinfo
+@@ -1136,6 +1136,14 @@ This option is only meaningful when building a shared object. It makes
+ the symbols defined by this shared object available for symbol resolution
+ of subsequently loaded libraries.
+
++@item globalaudit
++This option is only meaningful when building a dynamic executable.
++This option marks the executable as requiring global auditing by
++setting the @code{DF_1_GLOBAUDIT} bit in the @code{DT_FLAGS_1} dynamic
++tag. Global auditing requires that any auditing library defined via
++the @option{--depaudit} or @option{-P} command line options be run for
++all dynamic objects loaded by the application.
++
+ @item initfirst
+ This option is only meaningful when building a shared object.
+ It marks the object so that its runtime initialization will occur
+diff --git a/ld/lexsup.c b/ld/lexsup.c
+index effa277b16..1adb302a14 100644
+--- a/ld/lexsup.c
++++ b/ld/lexsup.c
+@@ -1828,6 +1828,8 @@ elf_static_list_options (FILE *file)
+ -z execstack Mark executable as requiring executable stack\n"));
+ fprintf (file, _("\
+ -z noexecstack Mark executable as not requiring executable stack\n"));
++ fprintf (file, _("\
++ -z globalaudit Mark executable requiring global auditing\n"));
+ }
+
+ static void
+diff --git a/ld/testsuite/ld-elf/audit.exp b/ld/testsuite/ld-elf/audit.exp
+index 83ee35582e..b7af4b72cf 100644
+--- a/ld/testsuite/ld-elf/audit.exp
++++ b/ld/testsuite/ld-elf/audit.exp
+@@ -60,6 +60,9 @@ set build_tests {
+ {"Run with -lusesaudit -lusesaudit2"
+ "-Ltmpdir/ -lusesaudit -lusesaudit2" ""
+ {main.c} {{"readelf" {-d} "depaudit2.rd"}} "useslibusesaudit2.out"}
++ {"Link with -z globalaudit"
++ "-Wl,-Paudit.so -Wl,-z,globalaudit" ""
++ {main.c} {{"readelf" {-d} "globalaudit.rd"}} "globalaudit.out"}
+ }
+
+ run_cc_link_tests $build_tests
+--- /dev/null 2017-08-11 08:05:42.291658471 +0100
++++ ld/testsuite/ld-elf/globalaudit.rd 2017-08-11 15:32:41.009073026 +0100
+@@ -0,0 +1,3 @@
++#...
++.*\(FLAGS_1\).*Flags: GLOBAUDIT
++#pass
diff --git a/SOURCES/binutils-CVE-2018-10372.patch b/SOURCES/binutils-CVE-2018-10372.patch
new file mode 100644
index 0000000..073a407
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-10372.patch
@@ -0,0 +1,22 @@
+--- binutils.orig/binutils/dwarf.c 2018-05-01 11:42:02.656431736 +0100
++++ binutils-2.30/binutils/dwarf.c 2018-05-01 11:43:24.210383020 +0100
+@@ -9244,7 +9244,18 @@ process_cu_tu_index (struct dwarf_sectio
+ }
+
+ if (!do_display)
+- memcpy (&this_set[row - 1].signature, ph, sizeof (uint64_t));
++ {
++ size_t num_copy = sizeof (uint64_t);
++
++ /* PR 23064: Beware of buffer overflow. */
++ if (ph + num_copy < limit)
++ memcpy (&this_set[row - 1].signature, ph, num_copy);
++ else
++ {
++ warn (_("Signature (%p) extends beyond end of space in section\n"), ph);
++ return 0;
++ }
++ }
+
+ prow = poffsets + (row - 1) * ncols * 4;
+ /* PR 17531: file: b8ce60a8. */
diff --git a/SOURCES/binutils-CVE-2018-10373.patch b/SOURCES/binutils-CVE-2018-10373.patch
new file mode 100644
index 0000000..239f257
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-10373.patch
@@ -0,0 +1,11 @@
+--- binutils.orig/bfd/dwarf2.c 2018-05-17 11:46:03.916280930 +0100
++++ binutils-2.27/bfd/dwarf2.c 2018-05-17 12:11:45.193856898 +0100
+@@ -1471,7 +1471,7 @@ concat_filename (struct line_info_table
+ {
+ char *filename;
+
+- if (file - 1 >= table->num_files)
++ if (table == NULL || file - 1 >= table->num_files)
+ {
+ /* FILE == 0 means unknown. */
+ if (file)
diff --git a/SOURCES/binutils-CVE-2018-10534.patch b/SOURCES/binutils-CVE-2018-10534.patch
new file mode 100644
index 0000000..4a1fc8a
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-10534.patch
@@ -0,0 +1,18 @@
+--- binutils.orig/bfd/peXXigen.c 2018-05-17 11:46:03.979280220 +0100
++++ binutils-2.27/bfd/peXXigen.c 2018-05-17 12:56:36.402304487 +0100
+@@ -2964,6 +2964,15 @@ _bfd_XX_bfd_copy_private_bfd_data_common
+ bfd_get_section_size (section) - (addr - section->vma));
+ return FALSE;
+ }
++ /* PR 23110. */
++ else if (ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size < 0)
++ {
++ /* xgettext:c-format */
++ _bfd_error_handler
++ (_("%pB: Data Directory size (%#lx) is negative"),
++ obfd, ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size);
++ return FALSE;
++ }
+
+ for (i = 0; i < ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size
+ / sizeof (struct external_IMAGE_DEBUG_DIRECTORY); i++)
diff --git a/SOURCES/binutils-CVE-2018-10535.patch b/SOURCES/binutils-CVE-2018-10535.patch
new file mode 100644
index 0000000..212d53c
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-10535.patch
@@ -0,0 +1,28 @@
+--- binutils.orig/bfd/elf.c 2018-05-17 11:46:03.983280175 +0100
++++ binutils-2.27/bfd/elf.c 2018-05-17 11:48:01.560955253 +0100
+@@ -3878,16 +3878,23 @@ ignore_section_sym (bfd *abfd, asymbol *
+ {
+ elf_symbol_type *type_ptr;
+
++ if (sym == NULL)
++ return FALSE;
++
+ if ((sym->flags & BSF_SECTION_SYM) == 0)
+ return FALSE;
+
++ if (sym->section == NULL)
++ return TRUE;
++
+ type_ptr = elf_symbol_from (abfd, sym);
+ return ((type_ptr != NULL
+ && type_ptr->internal_elf_sym.st_shndx != 0
+ && bfd_is_abs_section (sym->section))
+ || !(sym->section->owner == abfd
+- || (sym->section->output_section->owner == abfd
+- && sym->section->output_offset == 0)
++ || (sym->section->output_section != NULL
++ && sym->section->output_section->owner == abfd
++ && sym->section->output_offset == 0)
+ || bfd_is_abs_section (sym->section)));
+ }
+
diff --git a/SOURCES/binutils-CVE-2018-7208.patch b/SOURCES/binutils-CVE-2018-7208.patch
new file mode 100644
index 0000000..98f0a6b
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-7208.patch
@@ -0,0 +1,12 @@
+--- binutils.orig/bfd/coffgen.c 2018-05-15 17:25:27.653131326 +0100
++++ binutils-2.27/bfd/coffgen.c 2018-05-15 17:41:49.604116561 +0100
+@@ -1552,7 +1552,8 @@ coff_pointerize_aux (bfd *abfd,
+ }
+ /* A negative tagndx is meaningless, but the SCO 3.2v4 cc can
+ generate one, so we must be careful to ignore it. */
+- if (auxent->u.auxent.x_sym.x_tagndx.l > 0)
++ if ((unsigned long) auxent->u.auxent.x_sym.x_tagndx.l
++ < obj_raw_syment_count (abfd))
+ {
+ auxent->u.auxent.x_sym.x_tagndx.p =
+ table_base + auxent->u.auxent.x_sym.x_tagndx.l;
diff --git a/SOURCES/binutils-CVE-2018-7568.patch b/SOURCES/binutils-CVE-2018-7568.patch
new file mode 100644
index 0000000..481ea14
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-7568.patch
@@ -0,0 +1,80 @@
+--- binutils.orig/bfd/dwarf1.c 2018-05-15 17:25:27.656131299 +0100
++++ binutils-2.27/bfd/dwarf1.c 2018-05-15 17:29:04.176057372 +0100
+@@ -208,6 +208,7 @@ parse_die (bfd * abfd,
+ /* Then the attributes. */
+ while (xptr < (this_die + aDieInfo->length))
+ {
++ unsigned int block_len;
+ unsigned short attr;
+
+ /* Parse the attribute based on its form. This section
+@@ -223,12 +224,15 @@ parse_die (bfd * abfd,
+ break;
+ case FORM_DATA4:
+ case FORM_REF:
+- if (attr == AT_sibling)
+- aDieInfo->sibling = bfd_get_32 (abfd, (bfd_byte *) xptr);
+- else if (attr == AT_stmt_list)
++ if (xptr + 4 <= aDiePtrEnd)
+ {
+- aDieInfo->stmt_list_offset = bfd_get_32 (abfd, (bfd_byte *) xptr);
+- aDieInfo->has_stmt_list = 1;
++ if (attr == AT_sibling)
++ aDieInfo->sibling = bfd_get_32 (abfd, xptr);
++ else if (attr == AT_stmt_list)
++ {
++ aDieInfo->stmt_list_offset = bfd_get_32 (abfd, xptr);
++ aDieInfo->has_stmt_list = 1;
++ }
+ }
+ xptr += 4;
+ break;
+@@ -236,22 +240,41 @@ parse_die (bfd * abfd,
+ xptr += 8;
+ break;
+ case FORM_ADDR:
+- if (attr == AT_low_pc)
+- aDieInfo->low_pc = bfd_get_32 (abfd, (bfd_byte *) xptr);
+- else if (attr == AT_high_pc)
+- aDieInfo->high_pc = bfd_get_32 (abfd, (bfd_byte *) xptr);
++ if (xptr + 4 <= aDiePtrEnd)
++ {
++ if (attr == AT_low_pc)
++ aDieInfo->low_pc = bfd_get_32 (abfd, xptr);
++ else if (attr == AT_high_pc)
++ aDieInfo->high_pc = bfd_get_32 (abfd, xptr);
++ }
+ xptr += 4;
+ break;
+ case FORM_BLOCK2:
+- xptr += 2 + bfd_get_16 (abfd, (bfd_byte *) xptr);
++ if (xptr + 2 <= aDiePtrEnd)
++ {
++ block_len = bfd_get_16 (abfd, xptr);
++ if (xptr + block_len > aDiePtrEnd
++ || xptr + block_len < xptr)
++ return FALSE;
++ xptr += block_len;
++ }
++ xptr += 2;
+ break;
+ case FORM_BLOCK4:
+- xptr += 4 + bfd_get_32 (abfd, (bfd_byte *) xptr);
++ if (xptr + 4 <= aDiePtrEnd)
++ {
++ block_len = bfd_get_32 (abfd, xptr);
++ if (xptr + block_len > aDiePtrEnd
++ || xptr + block_len < xptr)
++ return FALSE;
++ xptr += block_len;
++ }
++ xptr += 4;
+ break;
+ case FORM_STRING:
+ if (attr == AT_name)
+ aDieInfo->name = (char *) xptr;
+- xptr += strlen ((char *) xptr) + 1;
++ xptr += strnlen ((char *) xptr, aDiePtrEnd - xptr) + 1;
+ break;
+ }
+ }
diff --git a/SOURCES/binutils-CVE-2018-7569.patch b/SOURCES/binutils-CVE-2018-7569.patch
new file mode 100644
index 0000000..3141bd9
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-7569.patch
@@ -0,0 +1,74 @@
+--- binutils.orig/bfd/dwarf2.c 2018-05-15 17:25:27.661131255 +0100
++++ binutils-2.27/bfd/dwarf2.c 2018-05-15 17:38:16.900598281 +0100
+@@ -606,14 +606,24 @@ read_8_bytes (bfd *abfd, bfd_byte *buf,
+ }
+
+ static bfd_byte *
+-read_n_bytes (bfd *abfd ATTRIBUTE_UNUSED,
+- bfd_byte *buf,
+- bfd_byte *end,
+- unsigned int size ATTRIBUTE_UNUSED)
++read_n_bytes (bfd_byte * buf,
++ bfd_byte * end,
++ struct dwarf_block * block)
+ {
+- if (buf + size > end)
+- return NULL;
+- return buf;
++ unsigned int size = block->size;
++ bfd_byte * block_end = buf + size;
++
++ if (block_end > end || block_end < buf)
++ {
++ block->data = NULL;
++ block->size = 0;
++ return end;
++ }
++ else
++ {
++ block->data = buf;
++ return block_end;
++ }
+ }
+
+ /* Scans a NUL terminated string starting at BUF, returning a pointer to it.
+@@ -1053,8 +1063,7 @@ read_attribute_value (struct attribute *
+ return NULL;
+ blk->size = read_2_bytes (abfd, info_ptr, info_ptr_end);
+ info_ptr += 2;
+- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size);
+- info_ptr += blk->size;
++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk);
+ attr->u.blk = blk;
+ break;
+ case DW_FORM_block4:
+@@ -1064,8 +1073,7 @@ read_attribute_value (struct attribute *
+ return NULL;
+ blk->size = read_4_bytes (abfd, info_ptr, info_ptr_end);
+ info_ptr += 4;
+- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size);
+- info_ptr += blk->size;
++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk);
+ attr->u.blk = blk;
+ break;
+ case DW_FORM_data2:
+@@ -1100,8 +1108,7 @@ read_attribute_value (struct attribute *
+ return NULL;
+ blk->size = safe_read_leb128 (abfd, info_ptr, &bytes_read, FALSE, info_ptr_end);
+ info_ptr += bytes_read;
+- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size);
+- info_ptr += blk->size;
++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk);
+ attr->u.blk = blk;
+ break;
+ case DW_FORM_block1:
+@@ -1111,8 +1118,7 @@ read_attribute_value (struct attribute *
+ return NULL;
+ blk->size = read_1_byte (abfd, info_ptr, info_ptr_end);
+ info_ptr += 1;
+- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size);
+- info_ptr += blk->size;
++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk);
+ attr->u.blk = blk;
+ break;
+ case DW_FORM_data1:
diff --git a/SOURCES/binutils-CVE-2018-7642.patch b/SOURCES/binutils-CVE-2018-7642.patch
new file mode 100644
index 0000000..dd690ec
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-7642.patch
@@ -0,0 +1,32 @@
+--- binutils.orig/bfd/aoutx.h 2018-05-29 17:35:09.220062492 +0100
++++ binutils-2.27/bfd/aoutx.h 2018-05-29 17:37:09.131765293 +0100
+@@ -1713,7 +1713,13 @@ NAME (aout, translate_symbol_table) (bfd
+ else if (x < strsize)
+ in->symbol.name = str + x;
+ else
+- return FALSE;
++ {
++ _bfd_error_handler
++ (_("%B: invalid string offset %lx >= %lx"),
++ abfd, (long) x, (long) strsize);
++ bfd_set_error (bfd_error_bad_value);
++ return FALSE;
++ }
+
+ in->symbol.value = GET_SWORD (abfd, ext->e_value);
+ in->desc = H_GET_16 (abfd, ext->e_desc);
+@@ -2261,10 +2267,12 @@ NAME (aout, swap_std_reloc_in) (bfd *abf
+ if (r_baserel)
+ r_extern = 1;
+
+- if (r_extern && r_index > symcount)
++ if (r_extern && r_index >= symcount)
+ {
+ /* We could arrange to return an error, but it might be useful
+- to see the file even if it is bad. */
++ to see the file even if it is bad. FIXME: Of course this
++ means that objdump -r *doesn't* see the actual reloc, and
++ objcopy silently writes a different reloc. */
+ r_extern = 0;
+ r_index = N_ABS;
+ }
diff --git a/SOURCES/binutils-CVE-2018-7643.patch b/SOURCES/binutils-CVE-2018-7643.patch
new file mode 100644
index 0000000..7a4ed19
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-7643.patch
@@ -0,0 +1,17 @@
+diff -rup binutils.orig/binutils/dwarf.c binutils-2.27/binutils/dwarf.c
+--- binutils.orig/binutils/dwarf.c 2018-05-30 09:57:23.401080405 +0100
++++ binutils-2.27/binutils/dwarf.c 2018-05-30 09:57:33.578971357 +0100
+@@ -5195,6 +5195,13 @@ display_debug_ranges (struct dwarf_secti
+ continue;
+ }
+
++ if (next < section_begin || next >= finish)
++ {
++ warn (_("Corrupt offset (%#8.8lx) in range entry %u\n"),
++ (unsigned long) offset, i);
++ continue;
++ }
++
+ if (dwarf_check != 0 && i > 0)
+ {
+ if (start < next)
diff --git a/SOURCES/binutils-CVE-2018-8945.patch b/SOURCES/binutils-CVE-2018-8945.patch
new file mode 100644
index 0000000..de25cba
--- /dev/null
+++ b/SOURCES/binutils-CVE-2018-8945.patch
@@ -0,0 +1,30 @@
+diff -rup binutils.orig/bfd/elf-attrs.c binutils-2.27/bfd/elf-attrs.c
+--- binutils.orig/bfd/elf-attrs.c 2018-05-30 09:57:23.385080577 +0100
++++ binutils-2.27/bfd/elf-attrs.c 2018-05-30 10:01:03.528712202 +0100
+@@ -438,6 +438,15 @@ _bfd_elf_parse_attributes (bfd *abfd, El
+ /* PR 17512: file: 2844a11d. */
+ if (hdr->sh_size == 0)
+ return;
++ if (hdr->sh_size > bfd_get_size (abfd))
++ {
++ /* xgettext:c-format */
++ _bfd_error_handler (_("%B: error: attribute section '%A' too big: %#llx"),
++ abfd, hdr->bfd_section, (long long) hdr->sh_size);
++ bfd_set_error (bfd_error_invalid_operation);
++ return;
++ }
++
+ contents = (bfd_byte *) bfd_malloc (hdr->sh_size);
+ if (!contents)
+ return;
+diff -rup binutils.orig/bfd/elf.c binutils-2.27/bfd/elf.c
+--- binutils.orig/bfd/elf.c 2018-05-30 09:57:23.382080610 +0100
++++ binutils-2.27/bfd/elf.c 2018-05-30 10:01:52.766182199 +0100
+@@ -297,6 +297,7 @@ bfd_elf_get_str_section (bfd *abfd, unsi
+ /* Allocate and clear an extra byte at the end, to prevent crashes
+ in case the string table is not terminated. */
+ if (shstrtabsize + 1 <= 1
++ || shstrtabsize > bfd_get_size (abfd)
+ || bfd_seek (abfd, offset, SEEK_SET) != 0
+ || (shstrtab = (bfd_byte *) bfd_alloc (abfd, shstrtabsize + 1)) == NULL)
+ shstrtab = NULL;
diff --git a/SOURCES/binutils-strip-unknown-relocs.patch b/SOURCES/binutils-strip-unknown-relocs.patch
new file mode 100644
index 0000000..73f6912
--- /dev/null
+++ b/SOURCES/binutils-strip-unknown-relocs.patch
@@ -0,0 +1,544 @@
+diff -rup binutils.orig/bfd/elf32-i386.c binutils-2.30/bfd/elf32-i386.c
+--- binutils.orig/bfd/elf32-i386.c 2018-02-27 17:25:53.961140597 +0000
++++ binutils-2.30/bfd/elf32-i386.c 2018-02-27 17:27:14.115133477 +0000
+@@ -383,7 +383,7 @@ elf_i386_rtype_to_howto (bfd *abfd, unsi
+ {
+ (*_bfd_error_handler) (_("%B: invalid relocation type %d"),
+ abfd, (int) r_type);
+- indx = R_386_NONE;
++ return NULL;
+ }
+ /* PR 17512: file: 0f67f69d. */
+ if (elf_howto_table [indx].type != r_type)
+diff -rup binutils.orig/bfd/elf64-ppc.c binutils-2.30/bfd/elf64-ppc.c
+--- binutils.orig/bfd/elf64-ppc.c 2018-02-27 17:25:53.969140496 +0000
++++ binutils-2.30/bfd/elf64-ppc.c 2018-02-27 17:27:56.213604518 +0000
+@@ -2516,9 +2516,12 @@ ppc64_elf_info_to_howto (bfd *abfd, arel
+ {
+ (*_bfd_error_handler) (_("%B: invalid relocation type %d"),
+ abfd, (int) type);
+- type = R_PPC64_NONE;
++ cache_ptr->howto = NULL;
+ }
+- cache_ptr->howto = ppc64_elf_howto_table[type];
++ else
++ cache_ptr->howto = ppc64_elf_howto_table[type];
++ if (cache_ptr->howto == NULL || cache_ptr->howto->name == NULL)
++ _bfd_error_handler (_("%B: invalid relocation type %d"), abfd, type);
+ }
+
+ /* Handle the R_PPC64_ADDR16_HA and similar relocs. */
+diff -rup binutils.orig/bfd/elf64-s390.c binutils-2.30/bfd/elf64-s390.c
+--- binutils.orig/bfd/elf64-s390.c 2018-02-27 17:25:53.968140509 +0000
++++ binutils-2.30/bfd/elf64-s390.c 2018-02-27 17:28:24.632247443 +0000
+@@ -372,9 +372,10 @@ elf_s390_info_to_howto (bfd *abfd ATTRIB
+ {
+ (*_bfd_error_handler) (_("%B: invalid relocation type %d"),
+ abfd, (int) r_type);
+- r_type = R_390_NONE;
++ cache_ptr->howto = NULL;
+ }
+- cache_ptr->howto = &elf_howto_table[r_type];
++ else
++ cache_ptr->howto = &elf_howto_table[r_type];
+ }
+ }
+
+diff -rup binutils.orig/bfd/elf64-x86-64.c binutils-2.30/bfd/elf64-x86-64.c
+--- binutils.orig/bfd/elf64-x86-64.c 2018-02-27 17:25:53.964140559 +0000
++++ binutils-2.30/bfd/elf64-x86-64.c 2018-02-27 17:29:12.554645307 +0000
+@@ -284,7 +284,7 @@ elf_x86_64_rtype_to_howto (bfd *abfd, un
+ {
+ (*_bfd_error_handler) (_("%B: invalid relocation type %d"),
+ abfd, (int) r_type);
+- r_type = R_X86_64_NONE;
++ return NULL;
+ }
+ i = r_type;
+ }
+@@ -347,7 +347,6 @@ elf_x86_64_info_to_howto (bfd *abfd ATTR
+
+ r_type = ELF32_R_TYPE (dst->r_info);
+ cache_ptr->howto = elf_x86_64_rtype_to_howto (abfd, r_type);
+- BFD_ASSERT (r_type == cache_ptr->howto->type);
+ }
+ �
+ /* Support for core dump NOTE sections. */
+diff -rup binutils.orig/bfd/elfcode.h binutils-2.30/bfd/elfcode.h
+--- binutils.orig/bfd/elfcode.h 2018-02-27 17:25:53.964140559 +0000
++++ binutils-2.30/bfd/elfcode.h 2018-02-27 17:26:57.234345581 +0000
+@@ -1474,6 +1474,12 @@ elf_slurp_reloc_table_from_section (bfd
+ (*ebd->elf_info_to_howto) (abfd, relent, &rela);
+ else
+ (*ebd->elf_info_to_howto_rel) (abfd, relent, &rela);
++
++ if (relent->howto == NULL)
++ {
++ bfd_set_error (bfd_error_bad_value);
++ goto error_return;
++ }
+ }
+
+ if (allocated != NULL)
+diff -rup binutils.orig/binutils/objcopy.c binutils-2.30/binutils/objcopy.c
+--- binutils.orig/binutils/objcopy.c 2018-02-27 17:25:53.185150347 +0000
++++ binutils-2.30/binutils/objcopy.c 2018-02-27 17:30:05.806976202 +0000
+@@ -3022,10 +3022,19 @@ copy_object (bfd *ibfd, bfd *obfd, const
+ haven't been set yet. mark_symbols_used_in_relocations will
+ ignore input sections which have no corresponding output
+ section. */
++ bfd_set_error (bfd_error_no_error);
+ if (strip_symbols != STRIP_ALL)
+- bfd_map_over_sections (ibfd,
+- mark_symbols_used_in_relocations,
+- isympp);
++ {
++ bfd_map_over_sections (ibfd,
++ mark_symbols_used_in_relocations,
++ isympp);
++ if (bfd_get_error () != bfd_error_no_error)
++ {
++ status = 1;
++ return FALSE;
++ }
++ }
++
+ osympp = (asymbol **) xmalloc ((symcount + add_symbols + 1) * sizeof (asymbol *));
+ symcount = filter_symbols (ibfd, obfd, osympp, isympp, symcount);
+ }
+diff -rup binutils.orig/binutils/testsuite/binutils-all/objcopy.exp binutils-2.27/binutils/testsuite/binutils-all/objcopy.exp
+--- binutils.orig/binutils/testsuite/binutils-all/objcopy.exp 2018-04-11 12:34:04.671683298 +0100
++++ binutils-2.27/binutils/testsuite/binutils-all/objcopy.exp 2018-04-11 12:36:50.053734109 +0100
+@@ -1083,6 +1083,29 @@ if [is_elf_format] {
+ }
+ run_dump_test "strip-11" $extra_strip11
+
++ if { [istarget "mips64*-*-openbsd*"] } {
++ set reloc_format mips64
++ } elseif { [istarget "arm-*"] \
++ || [istarget "d10v-*"] \
++ || [istarget "dlx-*"] \
++ || [istarget "i*86-*"] \
++ || [istarget "i960-*"] \
++ || [istarget "m681*-*"] \
++ || [istarget "m68hc1*-*"] \
++ || ([istarget "mips*-*"] \
++ && ![istarget "mips64*-ps2-elf*"] \
++ && ![istarget "*-*-irix6*"] \
++ && ![istarget "mips64*-*-freebsd*"] \
++ && ![istarget "mips64*-*-kfreebsd*-gnu"] \
++ && ![istarget "mips64*-*-linux*"]) \
++ || [istarget "score*-*"] \
++ || [istarget "xgate-*"] } {
++ set reloc_format rel
++ } else {
++ set reloc_format rela
++ }
++ run_dump_test "strip-13" [list [list source strip-13${reloc_format}.s]]
++
+ if { [istarget "i*86-*"] || [istarget "x86_64-*-*"] } {
+ # Check to make sure we don't strip a symbol named in relocations.
+ set test "objcopy keeps symbols needed by relocs"
+diff -rup binutils.orig/binutils/testsuite/lib/utils-lib.exp binutils-2.27/binutils/testsuite/lib/utils-lib.exp
+--- binutils.orig/binutils/testsuite/lib/utils-lib.exp 2018-04-11 12:34:04.674683263 +0100
++++ binutils-2.27/binutils/testsuite/lib/utils-lib.exp 2018-04-11 12:54:56.097850613 +0100
+@@ -1,4 +1,4 @@
+-# Copyright (C) 1993-2016 Free Software Foundation, Inc.
++# Copyright (C) 1993-2018 Free Software Foundation, Inc.
+
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+@@ -51,12 +51,17 @@ proc binutil_version { prog } {
+ # default_binutils_run
+ # run a program, returning the output
+ # sets binutils_run_failed if the program does not exist
++# sets binutils_run_status to the exit status of the program
+ #
+ proc default_binutils_run { prog progargs } {
+ global binutils_run_failed
++ global binutils_run_status
+ global host_triplet
+
+ set binutils_run_failed 0
++ if [info exists binutils_run_status] {
++ unset binutils_run_status
++ }
+
+ if ![is_remote host] {
+ if {[which $prog] == 0} then {
+@@ -83,6 +88,7 @@ proc default_binutils_run { prog progarg
+ regsub -all "\\$" "$progargs" "\\$" progargs
+
+ set state [remote_exec host $prog $progargs]
++ set binutils_run_status [lindex $state 0]
+ set exec_output [prune_warnings [lindex $state 1]]
+ if {![string match "" $exec_output]} then {
+ send_log "$exec_output\n"
+@@ -127,7 +133,6 @@ proc default_binutils_assemble_flags { s
+ } else {
+ send_log "$exec_output\n"
+ verbose "$exec_output"
+- perror "$source: assembly failed"
+ return 0
+ }
+ }
+@@ -214,6 +219,11 @@ proc exe_ext {} {
+ # Assemble the file SOURCE.s. If omitted, this defaults to FILE.s.
+ # This is useful if several .d files want to share a .s file.
+ #
++# dump: DUMP
++# Match against DUMP.d. If omitted, this defaults to FILE.d. This
++# is useful if several .d files differ by options only. Options are
++# always read from FILE.d.
++#
+ # target: GLOBS...
+ # Run this test only on a specified list of targets. More precisely,
+ # each glob in the space-separated list is passed to "istarget"; if
+@@ -237,22 +247,22 @@ proc exe_ext {} {
+ #
+ # error: REGEX
+ # An error with message matching REGEX must be emitted for the test
+-# to pass. The PROG, objdump, nm and objcopy options have no
+-# meaning and need not supplied if this is present.
++# to pass. The DUMPPROG, addr2line, nm, objdump, readelf and size
++# options have no meaning and need not supplied if this is present.
++# Multiple "error" directives append to the expected error message.
++#
++# error_output: FILE
++# Means the same as 'error', except the regular expression lines
++# are contains in FILE.
+ #
+ # warning: REGEX
+-# Expect a gas warning matching REGEX. It is an error to issue
+-# both "error" and "warning".
+-#
+-# stderr: FILE
+-# FILE contains regexp lines to be matched against the diagnostic
+-# output of the assembler. This does not preclude the use of
+-# PROG, nm, objdump, or objcopy.
+-#
+-# error-output: FILE
+-# Means the same as 'stderr', but also indicates that the assembler
+-# is expected to exit unsuccessfully (therefore PROG, objdump, nm,
+-# and objcopy have no meaning and should not be supplied).
++# Expect a warning matching REGEX. It is an error to issue both
++# "error" and "warning". Multiple "warning" directives append to
++# the expected linker warning message.
++#
++# warning_output: FILE
++# Means the same as 'warning', except the regular expression
++# lines are contains in FILE.
+ #
+ # Each option may occur at most once.
+ #
+@@ -266,6 +276,7 @@ proc run_dump_test { name {extra_options
+ global OBJDUMP NM OBJCOPY READELF STRIP
+ global OBJDUMPFLAGS NMFLAGS OBJCOPYFLAGS READELFFLAGS STRIPFLAGS
+ global ELFEDIT ELFEDITFLAGS
++ global binutils_run_status
+ global host_triplet
+ global env
+ global copyfile
+@@ -299,6 +310,11 @@ proc run_dump_test { name {extra_options
+ set opts(PROG) {}
+ set opts(DUMPPROG) {}
+ set opts(source) {}
++ set opts(dump) {}
++ set opts(error) {}
++ set opts(warning) {}
++ set opts(error_output) {}
++ set opts(warning_output) {}
+ set opts(target) {}
+ set opts(not-target) {}
+ set opts(skip) {}
+@@ -317,12 +333,18 @@ proc run_dump_test { name {extra_options
+ # directory.
+ regsub -all "\\\$srcdir" "$opt_val" "$srcdir/$subdir" opt_val
+
+- if [string length $opts($opt_name)] {
+- perror "option $opt_name multiply set in $file.d"
+- unresolved $subdir/$name
+- return
++ switch -- $opt_name {
++ warning {}
++ error {}
++ default {
++ if [string length $opts($opt_name)] {
++ perror "option $opt_name multiply set in $file.d"
++ unresolved $subdir/$name
++ return
++ }
++ }
+ }
+- set opts($opt_name) $opt_val
++ append opts($opt_name) $opt_val
+ }
+
+ foreach i $extra_options {
+@@ -340,7 +362,8 @@ proc run_dump_test { name {extra_options
+
+ # add extra option to end of existing option, adding space
+ # if necessary.
+- if [string length $opts($opt_name)] {
++ if { ![regexp "warning|error" $opt_name]
++ && [string length $opts($opt_name)] } {
+ append opts($opt_name) " "
+ }
+ append opts($opt_name) $opt_val
+@@ -378,28 +401,35 @@ proc run_dump_test { name {extra_options
+ }
+
+ set dumpprogram ""
+- if { $opts(DUMPPROG) != "" } {
+- switch -- $opts(DUMPPROG) {
+- addr2line { set dumpprogram addr2line }
+- nm { set dumpprogram nm }
+- objdump { set dumpprogram objdump }
+- readelf { set dumpprogram readelf }
+- size { set dumpprogram size }
+- default {
+- perror "unrecognized dump program option $opts(DUMPPROG) in $file.d"
+- unresolved $testname
+- return }
+- }
+- } else {
+- # Guess which program to run, by seeing which option was specified.
+- foreach p {addr2line nm objdump readelf size} {
+- if {$opts($p) != ""} {
+- if {$dumpprogram != ""} {
+- perror "more than one possible dump program specified in $file.d"
++ # It's meaningless to require an output-testing method when we
++ # expect an error.
++ if { $opts(error) == "" && $opts(error_output) == "" } {
++ if { $opts(DUMPPROG) != "" } {
++ switch -- $opts(DUMPPROG) {
++ addr2line { set dumpprogram addr2line }
++ nm { set dumpprogram nm }
++ objdump { set dumpprogram objdump }
++ readelf { set dumpprogram readelf }
++ size { set dumpprogram size }
++ default {
++ perror "unrecognized dump program option $opts(DUMPPROG)\
++ in $file.d"
+ unresolved $testname
+ return
+- } else {
+- set dumpprogram $p
++ }
++ }
++ } else {
++ # Guess which program to run, by seeing which option was specified.
++ foreach p {addr2line nm objdump readelf size} {
++ if {$opts($p) != ""} {
++ if {$dumpprogram != ""} {
++ perror "more than one possible dump program specified\
++ in $file.d"
++ unresolved $testname
++ return
++ } else {
++ set dumpprogram $p
++ }
+ }
+ }
+ }
+@@ -456,6 +486,12 @@ proc run_dump_test { name {extra_options
+ set srcfile $srcdir/$subdir/$opts(source)
+ }
+
++ if { $opts(dump) == "" } {
++ set dumpfile ${file}.d
++ } else {
++ set dumpfile $srcdir/$subdir/$opts(dump)
++ }
++
+ if { $opts(as) == "binary" } {
+ while {[file type $srcfile] eq "link"} {
+ set newfile [file readlink $srcfile]
+@@ -464,7 +500,8 @@ proc run_dump_test { name {extra_options
+ }
+ set srcfile $newfile
+ }
+- file copy -force ${srcfile} $tempfile
++ # Make sure we copy the file if we are doing remote host testing.
++ remote_download host ${srcfile} $tempfile
+ } else {
+ set exec_output [binutils_assemble_flags ${srcfile} $tempfile $opts(as)]
+ if [string match "" $exec_output] then {
+@@ -475,16 +512,95 @@ proc run_dump_test { name {extra_options
+ }
+ }
+
++ if { (($opts(warning) != "") && ($opts(error) != "")) \
++ || (($opts(warning) != "") && ($opts(error_output) != "")) \
++ || (($opts(warning) != "") && ($opts(warning_output) != "")) \
++ || (($opts(error) != "") && ($opts(warning_output) != "")) \
++ || (($opts(error) != "") && ($opts(error_output) != "")) \
++ || (($opts(warning_output) != "") && ($opts(error_output) != "")) } {
++ perror "bad mix of warning, error, warning_output, and error_output\
++ test-directives"
++ unresolved $testname
++ return
++ }
++
++ set check_prog(source) ""
++ set check_prog(terminal) 0
++ if { $opts(error) != "" \
++ || $opts(warning) != "" \
++ || $opts(error_output) != "" \
++ || $opts(warning_output) != "" } {
++
++ if { $opts(error) != "" || $opts(error_output) != "" } {
++ set check_prog(terminal) 1
++ } else {
++ set check_prog(terminal) 0
++ }
++
++ if { $opts(error) != "" || $opts(warning) != "" } {
++ set check_prog(source) "regex"
++ if { $opts(error) != "" } {
++ set check_prog(regex) $opts(error)
++ } else {
++ set check_prog(regex) $opts(warning)
++ }
++ } else {
++ set check_prog(source) "file"
++ if { $opts(error_output) != "" } {
++ set check_prog(file) $opts(error_output)
++ } else {
++ set check_prog(file) $opts(warning_output)
++ }
++ }
++ }
++
+ set progopts1 $opts($program)
+ eval set progopts \$[string toupper $program]FLAGS
+ eval set binary \$[string toupper $program]
+
+ set exec_output [binutils_run $binary "$progopts $progopts1 $tempfile $destopt ${copyfile}.o"]
+- if ![string match "" $exec_output] {
+- send_log "$exec_output\n"
++ set cmdret 0
++ if [info exists binutils_run_status] {
++ set cmdret $binutils_run_status
++ }
++
++ regsub "\n$" $exec_output "" exec_output
++ if { $cmdret != 0 || $exec_output != "" || $check_prog(source) != "" } {
++ set exitstat "succeeded"
++ if { $cmdret != 0 } {
++ set exitstat "failed"
++ }
++
++ if { $check_prog(source) == "regex" } {
++ verbose -log "$exitstat with: <$exec_output>,\
++ expected: <$check_prog(regex)>"
++ } elseif { $check_prog(source) == "file" } {
++ verbose -log "$exitstat with: <$exec_output>,\
++ expected in file $check_prog(file)"
++ set_file_contents "tmpdir/prog.messages" "$exec_output"
++ } else {
++ verbose -log "$exitstat with: <$exec_output>, no expected output"
++ }
++ send_log -- "$exec_output\n"
+ verbose "$exec_output"
+- fail $testname
+- return
++
++ if { (($check_prog(source) == "") == ($exec_output == "")) \
++ && (($cmdret == 0) == ($check_prog(terminal) == 0)) \
++ && ((($check_prog(source) == "regex") \
++ && ($check_prog(regex) == "") == ($exec_output == "") \
++ && [regexp -- $check_prog(regex) $exec_output]) \
++ || (($check_prog(source) == "file") \
++ && (![regexp_diff "tmpdir/prog.messages" \
++ "$srcdir/$subdir/$check_prog(file)"]))) } {
++ # We have the expected output from prog.
++ if { $check_prog(terminal) || $program == "" } {
++ pass $testname
++ return
++ }
++ } else {
++ fail $testname
++ return
++ }
+ }
+
+ set progopts1 $opts($dumpprogram)
+@@ -534,7 +650,7 @@ proc run_dump_test { name {extra_options
+ }
+
+ verbose_eval {[file_contents "tmpdir/dump.out"]} 3
+- if { [regexp_diff "tmpdir/dump.out" "${file}.d"] } then {
++ if { [regexp_diff "tmpdir/dump.out" "${dumpfile}"] } then {
+ fail $testname
+ verbose "output is [file_contents "tmpdir/dump.out"]" 2
+ return
+--- /dev/null 2018-04-11 08:10:00.466225454 +0100
++++ binutils-2.27/binutils/testsuite/binutils-all/strip-13.d 2018-04-11 12:55:42.481306111 +0100
+@@ -0,0 +1,10 @@
++#PROG: strip
++#strip: -g
++#error: \A[^\n]*: invalid relocation type 143\n
++#error: [^\n]*: Bad value\Z
++#not-target: h8300-* ip2k-* m6811-* m68hc11-* rx-*
++# The H8300-*, IP2K and 68HC11 targets use 16-bit addressing, so `.dc.a'
++# does not work for manual relocation data construction.
++# The RX targets do not complain about unrecognised relocs, unless they
++# are actually used
++# (which is what should really happen with the other targets...)
+--- /dev/null 2018-04-11 08:10:00.466225454 +0100
++++ binutils-2.27/binutils/testsuite/binutils-all/strip-13mips64.s 2018-04-11 12:37:17.195412074 +0100
+@@ -0,0 +1,14 @@
++ .text
++foo:
++ .dc.l 0x12345678
++
++ .section .rela.text
++ .dc.a 0
++ .dc.l 0
++ .dc.b 0, 0, 0, 0x8f
++ .dc.a 0x0000008f
++
++ .dc.a 0
++ .dc.l 0
++ .dc.b 0, 0, 0, 0
++ .dc.a 0
+--- /dev/null 2018-04-11 08:10:00.466225454 +0100
++++ binutils-2.27/binutils/testsuite/binutils-all/strip-13rela.s 2018-04-11 12:37:17.195412074 +0100
+@@ -0,0 +1,12 @@
++ .text
++foo:
++ .dc.l 0x12345678
++
++ .section .rela.text
++ .dc.a 0
++ .dc.a 0x0000008f
++ .dc.a 0x0000008f
++
++ .dc.a 0
++ .dc.a 0
++ .dc.a 0
+--- /dev/null 2018-04-11 08:10:00.466225454 +0100
++++ binutils-2.27/binutils/testsuite/binutils-all/strip-13rel.s 2018-04-11 12:37:17.195412074 +0100
+@@ -0,0 +1,10 @@
++ .text
++foo:
++ .dc.l 0x12345678
++
++ .section .rel.text
++ .dc.a 0
++ .dc.a 0x0000008f
++
++ .dc.a 0
++ .dc.a 0
+--- binutils.orig/bfd/elfnn-aarch64.c 2018-04-11 12:34:04.649683557 +0100
++++ binutils-2.27/bfd/elfnn-aarch64.c 2018-04-11 13:33:08.539305994 +0100
+@@ -1977,6 +1977,8 @@ elfNN_aarch64_info_to_howto (bfd *abfd A
+
+ r_type = ELFNN_R_TYPE (elf_reloc->r_info);
+ bfd_reloc->howto = elfNN_aarch64_howto_from_type (r_type);
++ if (bfd_reloc->howto == NULL)
++ _bfd_error_handler (_("%B: invalid relocation type %d"), abfd, r_type);
+ }
+
+ static reloc_howto_type *
diff --git a/SOURCES/binutils-x86_64-do-not-convert-abs-relocs.patch b/SOURCES/binutils-x86_64-do-not-convert-abs-relocs.patch
new file mode 100644
index 0000000..f66fab7
--- /dev/null
+++ b/SOURCES/binutils-x86_64-do-not-convert-abs-relocs.patch
@@ -0,0 +1,12 @@
+--- binutils.orig/bfd/elf64-x86-64.c 2018-03-19 11:50:18.770407381 +0000
++++ binutils-2.27/bfd/elf64-x86-64.c 2018-03-19 12:01:12.177534677 +0000
+@@ -1931,6 +1931,9 @@ elf_x86_64_convert_load_reloc (bfd *abfd
+ {
+ bfd_signed_vma distance;
+
++ if (tsec->output_section == NULL)
++ return TRUE;
++
+ /* At this point, we don't know the load addresses of TSEC
+ section nor SEC section. We estimate the distrance between
+ SEC and TSEC. We store the estimated distances in the
diff --git a/SPECS/binutils.spec b/SPECS/binutils.spec
index 9dc20df..8106e84 100644
--- a/SPECS/binutils.spec
+++ b/SPECS/binutils.spec
@@ -54,7 +54,7 @@ Version: 2.27
# Note: The Release string *must* be different from that used by any of the
# devtoolset binutils associated with this release. That is why ".base"
# has been appended here. See BZ 1337617 for more details.
-Release: 28.base%{?dist}.1
+Release: 34.base%{?dist}
License: GPLv3+
Group: Development/Tools
URL: http://sources.redhat.com/binutils
@@ -283,9 +283,65 @@ Patch40: binutils-2.27-power9.3.patch
# Lifetime: Fixed in 2.30.
Patch41: binutils-2.27-ppc64-discarded-plt-sections.patch
+# Purpose: Fix a seg-fault in the x86_64 linker when attempting to convert
+# relocations against the absolute section.
+# Lifetime: Fixed in 2.30.
+Patch42: binutils-x86_64-do-not-convert-abs-relocs.patch
+
+# Purpose: Add support for a "-z globalaudit" linker command line option.
+# Lifetime: Fixed in 2.30.
+Patch43: binutils-2.27-add-globalaudit-support.patch
+
+# Purpose: Stop strip from replacing unknown relocs with null relocs. Make
+# it return an error status and not strip the file instead.
+# Lifetime: Fixed in 2.31.
+Patch44: binutils-strip-unknown-relocs.patch
+
# Purpose: Allow "lea foo@GOT, %reg" in PIC mode on the x86.
# Lifetime: Fixed in 2.28
-Patch42: binutils-x86-lea-addressing.patch
+Patch45: binutils-x86-lea-addressing.patch
+
+# Purpose: Fix seg-fault parsing corrupt DWARF1 debug information.
+# Lifetime: Fixed in 2.31
+Patch46: binutils-CVE-2018-7568.patch
+
+# Purpose: Fix seg-fault parsing corrupt DWARF debug information.
+# Lifetime: Fixed in 2.31
+Patch47: binutils-CVE-2018-7569.patch
+
+# Purpose: Fix seg-fault parsing corrupt COFF files.
+# Lifetime: Fixed in 2.31
+Patch48: binutils-CVE-2018-7208.patch
+
+# Purpose: Fix seg-fault parsing corrupt ELF files.
+# Lifetime: Fixed in 2.31
+Patch49: binutils-CVE-2018-10535.patch
+
+# Purpose: Fix seg-fault parsing corrupt DWARF debug information.
+# Lifetime: Fixed in 2.31
+Patch50: binutils-CVE-2018-10373.patch
+
+# Purpose: Fix seg-fault parsing corrupt DWARF debug information.
+# Lifetime: Fixed in 2.31
+Patch51: binutils-CVE-2018-10372.patch
+
+# Purpose: Fix seg-fault parsing a corrupt PE format file.
+# Lifetime: Fixed in 2.31
+Patch52: binutils-CVE-2018-10534.patch
+
+# Purpose: Fix seg-fault parsing a corrupt AOUT format file.
+# Lifetime: Fixed in 2.31
+Patch53: binutils-CVE-2018-7642.patch
+
+# Purpose: Fix seg-fault parsing corrupt DWARF debug information.
+# Lifetime: Fixed in 2.31
+Patch54: binutils-CVE-2018-7643.patch
+
+# Purpose: Fix seg-fault parsing corrupt ELF files.
+# Lifetime: Fixed in 2.31
+Patch55: binutils-CVE-2018-8945.patch
+
+
# Purpose: A *temporary* patch to disable the generation of
# R_X86_64_GOTPCRELX and R_X86_64_REX_GETPCRELX relocations by the
@@ -467,6 +523,19 @@ using libelf instead of BFD.
%patch40 -p1
%patch41 -p1
%patch42 -p1
+%patch43 -p1
+%patch44 -p1
+%patch45 -p1
+%patch46 -p1
+%patch47 -p1
+%patch48 -p1
+%patch49 -p1
+%patch50 -p1
+%patch51 -p1
+%patch52 -p1
+%patch53 -p1
+%patch54 -p1
+%patch55 -p1
# TEMPORARY patches.
%patch998 -p1
@@ -873,15 +942,37 @@ exit 0
#---------------------------------------------------------------------------------
%changelog
-* Tue May 29 2018 Nick Clifton <nickc@redhat.com> 2.27-28.base.1
-- Fix the N-V-R for z-stream release.
-
-* Fri May 25 2018 Marek Polacek <polacek@redhat.com> 2.27-28.base.0.0.hotfix.1.bz1582602
-- Hotfix build.
-
-* Fri May 25 2018 Marek Polacek <polacek@redhat.com> 2.27-28.base
-- Allow "lea foo@GOT, %reg" in PIC mode on the x86.
- (#1582602)
+* Wed May 30 2018 Nick Clifton <nickc@redhat.com> 2.27-34.base
+- Fix seg-fault parsing corrupt AOUT format files. (#1579799)
+- Fix seg-fault parsing corrupt DWARF2 debug information. (#1579802)
+- Fix seg-fault parsing corrupt ELF format files. (#1579801)
+
+* Thu May 17 2018 Nick Clifton <nickc@redhat.com> 2.27-33.base
+- Fix seg-fault parsing ELF files. (#1578979)
+- Fix seg-fault parsing DWARF-2 information. (#1579065)
+- Fix seg-fault parsing DWARF-2 information. (#1579051)
+- Fix seg-fault parsing a PE format file. (#1579019)
+
+* Wed May 16 2018 Nick Clifton <nickc@redhat.com> 2.27-32.base
+- Fix seg-fault parsing DWARF-1 information. (#1569580)
+- Fix seg-fault parsing DWARF-2 information. (#1569891)
+- Fix seg-fault parsing COFF files. (#1571917)
+
+* Wed May 02 2018 Nick Clifton <nickc@redhat.com> 2.27-31.base
+- Allow "lea foo@GOT, %reg" in PIC mode on the x86. (#1573872)
+
+* Fri Apr 20 2018 Nick Clifton <nickc@redhat.com> 2.27-30.base
+- Version bump in order to allow a rebuild, in order to work around a transient problem with the compose database.
+
+* Wed Apr 11 2018 Nick Clifton <nickc@redhat.com> 2.27-29.base
+- Add support for the GLOBALAUDIT dynamic linker tag.
+ (#1439351)
+
+* Wed Apr 11 2018 Nick Clifton <nickc@redhat.com> 2.27-28.base
+- Stop the x86_64 linker from crashing when asked to convert a reloc against the ABS section.
+ (#1557346)
+- Stop strip from replacing unknown relocs with null relocs.
+ (#1545386)
* Thu Jan 11 2018 Nick Clifton <nickc@redhat.com> 2.27-27.base
- Do enable relro by default for the PowerPC64 architecture.