Description
Security update for gcc43
This update for gcc43 fixes the following issues:
Security issue fixed:
- CVE-2017-1000376: Don't request executable stack from libffi. [bnc#1045091]
New features:
- Add support for retpolines to mitigate the Spectre Variant 2 attack. [bnc#1074621]
- Add support for zero-sized VLAs and allocas with -fstack-clash-protection. [bnc#1059075]
- Add support for -fstack-clash-protection to mitigate the Stack Clash attack. [bnc#1039513]
Non-security bugs fixed:
- Fixed build of 32-bit libgcov.a with LFS support. [bsc#1044016]
- Fixed issue with libstdc++ functional when an exception is thrown during construction. [bsc#999596]
- Fixed issue with using gcov and #pragma pack. [bsc#977654]
- Fixed ICE compiling AFS modules for the s390x kernel. [bsc#938159]
- Backport large file support from GCC 4.6.
Package list
SUSE Linux Enterprise Point of Sale 11 SP3
cpp43-4.3.4_20091019-37.3.1
gcc43-4.3.4_20091019-37.3.1
gcc43-c++-4.3.4_20091019-37.3.1
gcc43-info-4.3.4_20091019-37.3.1
gcc43-locale-4.3.4_20091019-37.3.1
libstdc++43-devel-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Server 11 SP3-LTSS
cpp43-4.3.4_20091019-37.3.1
gcc43-4.3.4_20091019-37.3.1
gcc43-32bit-4.3.4_20091019-37.3.1
gcc43-c++-4.3.4_20091019-37.3.1
gcc43-fortran-4.3.4_20091019-37.3.1
gcc43-fortran-32bit-4.3.4_20091019-37.3.1
gcc43-info-4.3.4_20091019-37.3.1
gcc43-locale-4.3.4_20091019-37.3.1
libstdc++43-devel-4.3.4_20091019-37.3.1
libstdc++43-devel-32bit-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
cpp43-4.3.4_20091019-37.3.1
gcc43-4.3.4_20091019-37.3.1
gcc43-32bit-4.3.4_20091019-37.3.1
gcc43-c++-4.3.4_20091019-37.3.1
gcc43-fortran-4.3.4_20091019-37.3.1
gcc43-fortran-32bit-4.3.4_20091019-37.3.1
gcc43-info-4.3.4_20091019-37.3.1
gcc43-locale-4.3.4_20091019-37.3.1
libstdc++43-devel-4.3.4_20091019-37.3.1
libstdc++43-devel-32bit-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Server 11 SP4
cpp43-4.3.4_20091019-37.3.1
gcc43-4.3.4_20091019-37.3.1
gcc43-32bit-4.3.4_20091019-37.3.1
gcc43-c++-4.3.4_20091019-37.3.1
gcc43-info-4.3.4_20091019-37.3.1
gcc43-locale-4.3.4_20091019-37.3.1
libstdc++43-devel-4.3.4_20091019-37.3.1
libstdc++43-devel-32bit-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
cpp43-4.3.4_20091019-37.3.1
gcc43-4.3.4_20091019-37.3.1
gcc43-32bit-4.3.4_20091019-37.3.1
gcc43-c++-4.3.4_20091019-37.3.1
gcc43-info-4.3.4_20091019-37.3.1
gcc43-locale-4.3.4_20091019-37.3.1
libstdc++43-devel-4.3.4_20091019-37.3.1
libstdc++43-devel-32bit-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4
cpp43-4.3.4_20091019-37.3.1
gcc43-ada-4.3.4_20091019-37.3.1
gcc43-fortran-4.3.4_20091019-37.3.1
gcc43-fortran-32bit-4.3.4_20091019-37.3.1
gcc43-obj-c++-4.3.4_20091019-37.3.1
gcc43-objc-4.3.4_20091019-37.3.1
gcc43-objc-32bit-4.3.4_20091019-37.3.1
libada43-4.3.4_20091019-37.3.1
libobjc43-4.3.4_20091019-37.3.1
libobjc43-32bit-4.3.4_20091019-37.3.1
Links
- Link for SUSE-SU-2018:0300-1
- E-Mail link for SUSE-SU-2018:0300-1
- SUSE Security Ratings
- SUSE Bug 1039513
- SUSE Bug 1044016
- SUSE Bug 1045091
- SUSE Bug 1059075
- SUSE Bug 1074621
- SUSE Bug 938159
- SUSE Bug 977654
- SUSE Bug 999596
- SUSE CVE CVE-2017-1000376 page
Description
libffi requests an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1, but this appears to be incorrect. libffi prior to version 3.1 on 32-bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1.
Affected products
SUSE Linux Enterprise Point of Sale 11 SP3:cpp43-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Point of Sale 11 SP3:gcc43-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Point of Sale 11 SP3:gcc43-c++-4.3.4_20091019-37.3.1
SUSE Linux Enterprise Point of Sale 11 SP3:gcc43-info-4.3.4_20091019-37.3.1
Links
- CVE-2017-1000376
- SUSE Bug 1045091