Описание
Security update for gcc48
This update for gcc48 fixes the following issues:
- CVE-2019-14250: Fixed an integer overflow that could lead to an invalid memory access (bsc#1142649).
Non-security fixes:
- Fixed an issue with manual page builds (bsc#1185395).
- Fixed an issue with static initializers (bsc#1177947).
- Fixed an issue with exception handling on s390x (bsc#1161913).
Список пакетов
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
cpp48-4.8.5-31.26.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
cpp48-4.8.5-31.26.1
Image SLES12-SP5-Azure-SAP-BYOS
cpp48-4.8.5-31.26.1
Image SLES12-SP5-Azure-SAP-On-Demand
cpp48-4.8.5-31.26.1
Image SLES12-SP5-EC2-SAP-BYOS
cpp48-4.8.5-31.26.1
Image SLES12-SP5-EC2-SAP-On-Demand
cpp48-4.8.5-31.26.1
Image SLES12-SP5-GCE-SAP-BYOS
cpp48-4.8.5-31.26.1
Image SLES12-SP5-GCE-SAP-On-Demand
cpp48-4.8.5-31.26.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
cpp48-4.8.5-31.26.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
cpp48-4.8.5-31.26.1
SUSE Linux Enterprise Server 12 SP5
cpp48-4.8.5-31.26.1
gcc48-4.8.5-31.26.1
gcc48-32bit-4.8.5-31.26.1
gcc48-c++-4.8.5-31.26.1
gcc48-info-4.8.5-31.26.1
gcc48-locale-4.8.5-31.26.1
libasan0-4.8.5-31.26.1
libasan0-32bit-4.8.5-31.26.1
libstdc++48-devel-4.8.5-31.26.1
libstdc++48-devel-32bit-4.8.5-31.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
cpp48-4.8.5-31.26.1
gcc48-4.8.5-31.26.1
gcc48-32bit-4.8.5-31.26.1
gcc48-c++-4.8.5-31.26.1
gcc48-info-4.8.5-31.26.1
gcc48-locale-4.8.5-31.26.1
libasan0-4.8.5-31.26.1
libasan0-32bit-4.8.5-31.26.1
libstdc++48-devel-4.8.5-31.26.1
libstdc++48-devel-32bit-4.8.5-31.26.1
SUSE Linux Enterprise Software Development Kit 12 SP5
gcc48-4.8.5-31.26.1
gcc48-ada-4.8.5-31.26.1
gcc48-c++-4.8.5-31.26.1
gcc48-fortran-4.8.5-31.26.1
gcc48-gij-4.8.5-31.26.1
gcc48-info-4.8.5-31.26.1
gcc48-java-4.8.5-31.26.1
gcc48-locale-4.8.5-31.26.1
gcc48-obj-c++-4.8.5-31.26.1
gcc48-objc-4.8.5-31.26.1
gcc48-objc-32bit-4.8.5-31.26.1
libada48-4.8.5-31.26.1
libffi48-devel-4.8.5-31.26.1
libgcj48-4.8.5-31.26.1
libgcj48-devel-4.8.5-31.26.1
libgcj48-jar-4.8.5-31.26.1
libgcj_bc1-4.8.5-31.26.1
libstdc++48-devel-4.8.5-31.26.1
SUSE Linux Enterprise Workstation Extension 12 SP5
gcc48-gij-4.8.5-31.26.1
gcc48-gij-32bit-4.8.5-31.26.1
libgcj48-4.8.5-31.26.1
libgcj48-32bit-4.8.5-31.26.1
libgcj48-jar-4.8.5-31.26.1
libgcj_bc1-4.8.5-31.26.1
Ссылки
- Link for SUSE-SU-2022:2015-1
- E-Mail link for SUSE-SU-2022:2015-1
- SUSE Security Ratings
- SUSE Bug 1142649
- SUSE Bug 1161913
- SUSE Bug 1177947
- SUSE Bug 1178675
- SUSE Bug 1185395
- SUSE CVE CVE-2019-14250 page
Описание
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Затронутые продукты
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:cpp48-4.8.5-31.26.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:cpp48-4.8.5-31.26.1
Image SLES12-SP5-Azure-SAP-BYOS:cpp48-4.8.5-31.26.1
Image SLES12-SP5-Azure-SAP-On-Demand:cpp48-4.8.5-31.26.1
Ссылки
- CVE-2019-14250
- SUSE Bug 1142649