Описание
Security update for gcc48
This update for GCC 4.8 provides the following fixes:
- Fix C++11 std::random_device short read issue that could lead to predictable randomness. (CVE-2015-5276, bsc#945842)
- Fix linker segmentation fault when building SLOF on ppc64le. (bsc#949000)
- Fix no_instrument_function attribute handling on PPC64 with -mprofile-kernel. (bsc#947791)
- Fix internal compiler error with aarch64 target using PCH and builtin functions. (bsc#947772)
- Fix libffi issues on aarch64. (bsc#948168)
Список пакетов
openSUSE Leap 42.1
cpp48-4.8.5-18.1
cross-aarch64-gcc48-icecream-backend-4.8.5-18.2
cross-armv6hl-gcc48-icecream-backend-4.8.5-18.2
cross-armv7hl-gcc48-icecream-backend-4.8.5-18.2
cross-hppa-gcc48-icecream-backend-4.8.5-18.2
cross-i386-gcc48-icecream-backend-4.8.5-18.2
cross-ia64-gcc48-icecream-backend-4.8.5-18.2
cross-ppc-gcc48-icecream-backend-4.8.5-18.2
cross-ppc64-gcc48-icecream-backend-4.8.5-18.2
cross-ppc64le-gcc48-icecream-backend-4.8.5-18.2
cross-s390-gcc48-icecream-backend-4.8.5-18.2
cross-s390x-gcc48-icecream-backend-4.8.5-18.2
gcc48-4.8.5-18.1
gcc48-32bit-4.8.5-18.1
gcc48-ada-4.8.5-18.1
gcc48-ada-32bit-4.8.5-18.1
gcc48-c++-4.8.5-18.1
gcc48-fortran-4.8.5-18.1
gcc48-fortran-32bit-4.8.5-18.1
gcc48-gij-4.8.5-18.1
gcc48-gij-32bit-4.8.5-18.1
gcc48-info-4.8.5-18.1
gcc48-java-4.8.5-18.1
gcc48-locale-4.8.5-18.1
gcc48-obj-c++-4.8.5-18.1
gcc48-objc-4.8.5-18.1
gcc48-objc-32bit-4.8.5-18.1
gcc48-testresults-4.8.5-18.3
gdb-7.9.1-7.1
gdb-testresults-7.9.1-7.1
gdbserver-7.9.1-7.1
libada48-4.8.5-18.1
libada48-32bit-4.8.5-18.1
libasan0-4.8.5-18.1
libasan0-32bit-4.8.5-18.1
libatomic1-gcc48-4.8.5-18.1
libatomic1-gcc48-32bit-4.8.5-18.1
libffi4-gcc48-4.8.5-18.1
libffi4-gcc48-32bit-4.8.5-18.1
libffi48-4.8.5-18.1
libffi48-devel-4.8.5-18.1
libffi48-devel-32bit-4.8.5-18.1
libgcc_s1-gcc48-4.8.5-18.1
libgcc_s1-gcc48-32bit-4.8.5-18.1
libgcj48-4.8.5-18.1
libgcj48-32bit-4.8.5-18.1
libgcj48-devel-4.8.5-18.1
libgcj48-devel-32bit-4.8.5-18.1
libgcj48-jar-4.8.5-18.1
libgcj_bc1-gcc48-4.8.5-18.1
libgfortran3-gcc48-4.8.5-18.1
libgfortran3-gcc48-32bit-4.8.5-18.1
libgomp1-gcc48-4.8.5-18.1
libgomp1-gcc48-32bit-4.8.5-18.1
libitm1-gcc48-4.8.5-18.1
libitm1-gcc48-32bit-4.8.5-18.1
libobjc4-4.8.5-18.1
libobjc4-32bit-4.8.5-18.1
libquadmath0-gcc48-4.8.5-18.1
libquadmath0-gcc48-32bit-4.8.5-18.1
libstdc++48-devel-4.8.5-18.1
libstdc++48-devel-32bit-4.8.5-18.1
libstdc++48-doc-4.8.5-18.1
libstdc++6-gcc48-4.8.5-18.1
libstdc++6-gcc48-32bit-4.8.5-18.1
libstdc++6-gcc48-locale-4.8.5-18.1
libtsan0-gcc48-4.8.5-18.1
Ссылки
- E-Mail link for openSUSE-SU-2015:1946-1
- SUSE Security Ratings
Описание
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
Затронутые продукты
openSUSE Leap 42.1:cpp48-4.8.5-18.1
openSUSE Leap 42.1:cross-aarch64-gcc48-icecream-backend-4.8.5-18.2
openSUSE Leap 42.1:cross-armv6hl-gcc48-icecream-backend-4.8.5-18.2
openSUSE Leap 42.1:cross-armv7hl-gcc48-icecream-backend-4.8.5-18.2
Ссылки
- CVE-2015-5276
- SUSE Bug 945842