Extend vulnerability fix again.

Resolves: #1913744

binutils-CVE-2021-20197.patch

@@ -705,3 +705,29 @@ diff -rup binutils.orig/binutils/objcopy.c binutils-2.35.1/binutils/objcopy.c
        status = 1;
 Only in binutils-2.35.1/binutils/: objcopy.c.orig
 Only in binutils-2.35.1/binutils/: objcopy.c.rej
+--- binutils.orig/binutils/arsup.c	2021-02-04 10:42:03.265729780 +0000
++++ binutils-2.35.1/binutils/arsup.c	2021-02-04 10:45:48.439166658 +0000
+@@ -357,8 +357,21 @@ ar_save (void)
+ #endif
+       bfd_close (obfd);
+ 
+-      if (ofd == -1 || fstat (ofd, &target_stat) != 0)
+-	skip_stat = TRUE;
++      if (lstat (real_name, &target_stat) != 0)
++	{
++	  /* The temp file created in ar_open has mode 0600 as per mkstemp.
++	     Create the real empty output file here so smart_rename will
++	     update the mode according to the process umask.  */
++	  obfd = bfd_openw (real_name, NULL);
++	  if (obfd == NULL
++	      || bfd_stat (obfd, &target_stat) != 0)
++	    skip_stat = TRUE;
++	  if (obfd != NULL)
++	    {
++	      bfd_set_format (obfd, bfd_archive);
++	      bfd_close (obfd);
++	    }
++	}
+ 
+       smart_rename (temp_name, real_name, ofd,
+ 		    skip_stat ? NULL : &target_stat, 0);

binutils.spec

@@ -39,7 +39,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?name_cross}%{?_with_debug:-debug}
 Version: 2.35.1
-Release: 31%{?dist}
+Release: 32%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils
 
@@ -908,6 +908,9 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
+* Thu Feb 04 2021 Nick Clifton  <nickc@redhat.com> - 2.35.1-32
+- Extend vulnerability fix again.  (#1913744)
+
 * Wed Feb 03 2021 Nick Clifton  <nickc@redhat.com> - 2.35.1-31
 - Enable PEP support for all targets.  (#1920373)