Описание
ELSA-2025-1306: gcc-toolset-13-gcc security update (MODERATE)
[13.3.1-2.2.0.1]
- Merge Oracle patches to 13.3.1-2.2. gfortran needs install-info at installation time. Orabug: 36472775
[13.3.1-2.2]
- disable jQuery use, don't ship jquery.js (CVE-2020-11023, RHEL-78279)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
gcc-toolset-13-gcc
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-c++
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-gfortran
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-plugin-annobin
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-plugin-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libasan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libatomic-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libgccjit
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libgccjit-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libitm-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-liblsan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libstdc++-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libstdc++-docs
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libtsan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libubsan-devel
13.3.1-2.2.0.1.el8_10
libasan8
13.3.1-2.2.0.1.el8_10
libtsan2
13.3.1-2.2.0.1.el8_10
Oracle Linux x86_64
gcc-toolset-13-gcc
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-c++
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-gfortran
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-plugin-annobin
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-gcc-plugin-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libasan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libatomic-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libgccjit
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libgccjit-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libitm-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-liblsan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libquadmath-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libstdc++-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libstdc++-docs
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libtsan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-libubsan-devel
13.3.1-2.2.0.1.el8_10
gcc-toolset-13-offload-nvptx
13.3.1-2.2.0.1.el8_10
libasan8
13.3.1-2.2.0.1.el8_10
libtsan2
13.3.1-2.2.0.1.el8_10
Связанные CVE
Связанные уязвимости
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...
