id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
4804	binutils-2.36.1	Bruce Dubbs	lfs-book	"New point version.

We are very sorry to have to report that a problem was found with the
GNU Binutils 2.36 release.  It turns out that it contained a small
portion of code that was not covered by an FSF copyright assignment.
So we have created a replacement release - 2.36.1 - with that code
removed.

In addition we found that a fix for a theoretical security
vulnerability[1] was itself broken and could result in the archiver
program ""ar"" misbehaving.  So we have chosen to revert the fix from
the 2.36.1 release whilst the problem is properly resolved.

[1]: CVE 2021-20197: https://sourceware.org/bugzilla/show_bug.cgi?id=26945 "	task	closed	normal	10.1	Book	SVN	normal	fixed