Описание
Security update for gcc7
This update for gcc7 fixes the following issues:
- CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue (bsc#1172798)
- Enable fortran for the nvptx offload compiler.
- Update README.First-for.SuSE.packagers
- avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel.
- Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its default enabling. [jsc#SLE-12209, bsc#1167939]
- Fixed 32bit libgnat.so link. [bsc#1178675]
- Fixed memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577]
- Fixed debug line info for try/catch. [bsc#1178614]
- Remove -mbranch-protection=standard (aarch64 flag) when gcc7 is used to build gcc7 (ie when ada is enabled)
- Fixed corruption of pass private ->aux via DF. [gcc#94148]
- Fixed debug information issue with inlined functions and passed by reference arguments. [gcc#93888]
- Fixed binutils release date detection issue.
- Fixed register allocation issue with exception handling code on s390x. [bsc#1161913]
- Fixed miscompilation of some atomic code on aarch64. [bsc#1150164]
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
cpp7-7.5.0+r278197-lp151.2.15.1
gcc7-7.5.0+r278197-lp151.2.15.1
gcc7-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-ada-7.5.0+r278197-lp151.2.15.1
gcc7-ada-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-c++-7.5.0+r278197-lp151.2.15.1
gcc7-c++-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-fortran-7.5.0+r278197-lp151.2.15.1
gcc7-fortran-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-go-7.5.0+r278197-lp151.2.15.1
gcc7-go-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-info-7.5.0+r278197-lp151.2.15.1
gcc7-locale-7.5.0+r278197-lp151.2.15.1
gcc7-obj-c++-7.5.0+r278197-lp151.2.15.1
gcc7-obj-c++-32bit-7.5.0+r278197-lp151.2.15.1
gcc7-objc-7.5.0+r278197-lp151.2.15.1
gcc7-objc-32bit-7.5.0+r278197-lp151.2.15.1
libada7-7.5.0+r278197-lp151.2.15.1
libada7-32bit-7.5.0+r278197-lp151.2.15.1
libasan4-7.5.0+r278197-lp151.2.15.1
libasan4-32bit-7.5.0+r278197-lp151.2.15.1
libcilkrts5-7.5.0+r278197-lp151.2.15.1
libcilkrts5-32bit-7.5.0+r278197-lp151.2.15.1
libgfortran4-7.5.0+r278197-lp151.2.15.1
libgfortran4-32bit-7.5.0+r278197-lp151.2.15.1
libgo11-7.5.0+r278197-lp151.2.15.1
libgo11-32bit-7.5.0+r278197-lp151.2.15.1
libstdc++6-devel-gcc7-7.5.0+r278197-lp151.2.15.1
libstdc++6-devel-gcc7-32bit-7.5.0+r278197-lp151.2.15.1
libubsan0-7.5.0+r278197-lp151.2.15.1
libubsan0-32bit-7.5.0+r278197-lp151.2.15.1
Ссылки
- E-Mail link for openSUSE-SU-2020:2300-1
- SUSE Security Ratings
- SUSE Bug 1150164
- SUSE Bug 1161913
- SUSE Bug 1167939
- SUSE Bug 1172798
- SUSE Bug 1178577
- SUSE Bug 1178614
- SUSE Bug 1178624
- SUSE Bug 1178675
- SUSE CVE CVE-2020-13844 page
Описание
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
Затронутые продукты
openSUSE Leap 15.1:cpp7-7.5.0+r278197-lp151.2.15.1
openSUSE Leap 15.1:gcc7-32bit-7.5.0+r278197-lp151.2.15.1
openSUSE Leap 15.1:gcc7-7.5.0+r278197-lp151.2.15.1
openSUSE Leap 15.1:gcc7-ada-32bit-7.5.0+r278197-lp151.2.15.1
Ссылки
- CVE-2020-13844
- SUSE Bug 1172798