gdb security update

CentOS Errata and Security Advisory CESA-2007:0469

GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion and then printing
their data.

Various buffer overflows and underflows were found in the DWARF expression
computation stack in GDB. If an attacker could trick a user into loading
an executable containing malicious debugging information into GDB, they may
be able to execute arbitrary code with the privileges of the user.
(CVE-2006-4146)

This updated package also addresses the following issues:

• Support on 64-bit hosts shared libraries debuginfo larger than 2GB.

• Fix a race occasionally leaving the detached processes stopped.

• Fix segmentation fault on the source display by ^X 1.

• Fix a crash on an opaque type dereference.

All users of gdb should upgrade to this updated package, which contains
backported patches to resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-June/076059.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076064.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076080.html
https://lists.centos.org/pipermail/centos-announce/2007-June/076081.html

Affected packages:
gdb

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0469