Description
Security update for gcc48
This update for gcc48 fixes the following issues:
Security issues fixed:
- A new option, -fstack-clash-protection, is now offered; it mitigates stack clash attacks. [bnc#1039513]
- CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947]
Bugs fixed:
- Enable LFS support in 32bit libgcov.a. [bsc#1044016]
- Bump libffi version in libffi.pc to 3.0.11.
- Properly diagnose missing -fsanitize=address support on ppc64le. [bsc#1028744]
- Backport patch for PR65612. [bsc#1022062]
Package list
SUSE Linux Enterprise Software Development Kit 11 SP4
cpp48-4.8.5-5.3.1
gcc48-4.8.5-5.3.1
gcc48-32bit-4.8.5-5.3.1
gcc48-c++-4.8.5-5.3.1
gcc48-fortran-4.8.5-5.3.1
gcc48-fortran-32bit-4.8.5-5.3.1
gcc48-info-4.8.5-5.3.1
gcc48-locale-4.8.5-5.3.1
libasan0-4.8.5-5.3.1
libasan0-32bit-4.8.5-5.3.1
libstdc++48-devel-4.8.5-5.3.1
libstdc++48-devel-32bit-4.8.5-5.3.1
References
- Link for SUSE-SU-2017:2380-1
- E-Mail link for SUSE-SU-2017:2380-1
- SUSE Security Ratings
- SUSE Bug 1011348
- SUSE Bug 1022062
- SUSE Bug 1028744
- SUSE Bug 1039513
- SUSE Bug 1044016
- SUSE Bug 1050947
- SUSE CVE CVE-2017-11671 page
Description
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.
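Why the status flag matters to callers, shown as an added example (not code from the advisory or from GCC): the caller treats the step function's return value as the only evidence that a random word was produced, retries a bounded number of times, and fails closed. The names `fill_random`, `hw_step`, the two stub sources and the retry budget of 10 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__RDRND__)
#include <immintrin.h>
#endif

#define RDRAND_RETRIES 10 /* assumed retry budget, not from the advisory */

/* Same contract as the intrinsic: 1 = value stored, 0 = failure (CF clear). */
typedef int (*rand_step_fn)(uint32_t *out);

#if defined(__RDRND__)
/* Real hardware source; only built when compiling with -mrdrnd. */
int hw_step(uint32_t *out) {
    unsigned int v = 0;
    int ok = _rdrand32_step(&v);
    *out = v;
    return ok;
}
#endif

/* Constructed stand-ins for the hardware, so the failure path is testable. */
static int calls;
int always_fail(uint32_t *out) { calls++; *out = 0; return 0; }
int fail_twice(uint32_t *out) { *out = 0xA5A5A5A5u; return ++calls > 2; }

/* Fill buf with n words. Returns 0 on success, -1 if a word could not be
   obtained within the retry budget; the buffer is then zeroed so that no
   partial output is mistaken for random data. */
int fill_random(rand_step_fn step, uint32_t *buf, size_t n) {
    for (size_t i = 0; i < n; i++) {
        int ok = 0;
        for (int t = 0; t < RDRAND_RETRIES && !ok; t++)
            ok = step(&buf[i]);
        if (!ok) {
            for (size_t j = 0; j < n; j++)
                buf[j] = 0;
            return -1;
        }
    }
    return 0;
}

int main(void) {
    uint32_t key[4];
    if (fill_random(always_fail, key, 4) != 0)
        puts("random source failed: refusing to generate key material");
    return 0;
}
```

A check like this is only as reliable as the flag it reads, which is why code that uses these intrinsics should be rebuilt with the fixed compiler packages.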
Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:cpp48-4.8.5-5.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:gcc48-32bit-4.8.5-5.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:gcc48-4.8.5-5.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:gcc48-c++-4.8.5-5.3.1
References
- CVE-2017-11671
- SUSE Bug 1050947