SUSE-SU-2015:1833-1: moderate: Security update for gcc48

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Oct 27 10:09:48 MDT 2015


   SUSE Security Update: Security update for gcc48
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:1833-1
Rating:             moderate
References:         #945842 #947772 #947791 #948168 #949000 
Cross-References:   CVE-2015-5276
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12
                    SUSE Linux Enterprise Software Development Kit 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves one vulnerability and has four fixes
   is now available.

Description:

   This update for GCC 4.8 provides the following fixes:

   - Fix C++11 std::random_device short read issue that could lead to
     predictable randomness. (CVE-2015-5276, bsc#945842)
   - Fix linker segmentation fault when building SLOF on ppc64le. (bsc#949000)
   - Fix no_instrument_function attribute handling on PPC64 with
     -mprofile-kernel. (bsc#947791)
   - Fix internal compiler error with aarch64 target using PCH and builtin
     functions. (bsc#947772)
   - Fix libffi issues on aarch64. (bsc#948168)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12:

      zypper in -t patch SUSE-SLE-WE-12-2015-756=1

   - SUSE Linux Enterprise Software Development Kit 12:

      zypper in -t patch SUSE-SLE-SDK-12-2015-756=1

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-756=1

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-756=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12 (x86_64):

      gcc48-gij-32bit-4.8.5-24.1
      gcc48-gij-4.8.5-24.1
      gcc48-gij-debuginfo-32bit-4.8.5-24.1
      gcc48-gij-debuginfo-4.8.5-24.1
      libgcj48-32bit-4.8.5-24.1
      libgcj48-4.8.5-24.1
      libgcj48-debuginfo-32bit-4.8.5-24.1
      libgcj48-debuginfo-4.8.5-24.1
      libgcj48-debugsource-4.8.5-24.1
      libgcj48-jar-4.8.5-24.1
      libgcj_bc1-4.8.5-24.1

   - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):

      gcc48-debuginfo-4.8.5-24.1
      gcc48-debugsource-4.8.5-24.1
      gcc48-fortran-4.8.5-24.1
      gcc48-fortran-debuginfo-4.8.5-24.1
      gcc48-gij-4.8.5-24.1
      gcc48-gij-debuginfo-4.8.5-24.1
      gcc48-java-4.8.5-24.1
      gcc48-java-debuginfo-4.8.5-24.1
      gcc48-obj-c++-4.8.5-24.1
      gcc48-obj-c++-debuginfo-4.8.5-24.1
      gcc48-objc-4.8.5-24.1
      gcc48-objc-debuginfo-4.8.5-24.1
      libffi48-debugsource-4.8.5-24.1
      libffi48-devel-4.8.5-24.1
      libgcj48-4.8.5-24.1
      libgcj48-debuginfo-4.8.5-24.1
      libgcj48-debugsource-4.8.5-24.1
      libgcj48-devel-4.8.5-24.1
      libgcj48-devel-debuginfo-4.8.5-24.1
      libgcj48-jar-4.8.5-24.1
      libgcj_bc1-4.8.5-24.1
      libobjc4-4.8.5-24.1
      libobjc4-debuginfo-4.8.5-24.1

   - SUSE Linux Enterprise Software Development Kit 12 (s390x x86_64):

      gcc48-objc-32bit-4.8.5-24.1
      libobjc4-32bit-4.8.5-24.1

   - SUSE Linux Enterprise Software Development Kit 12 (x86_64):

      gcc48-ada-4.8.5-24.1
      gcc48-ada-debuginfo-4.8.5-24.1
      libada48-4.8.5-24.1
      libada48-debuginfo-4.8.5-24.1

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      cpp48-4.8.5-24.1
      cpp48-debuginfo-4.8.5-24.1
      gcc48-4.8.5-24.1
      gcc48-c++-4.8.5-24.1
      gcc48-c++-debuginfo-4.8.5-24.1
      gcc48-debuginfo-4.8.5-24.1
      gcc48-debugsource-4.8.5-24.1
      gcc48-locale-4.8.5-24.1
      libstdc++48-devel-4.8.5-24.1

   - SUSE Linux Enterprise Server 12 (s390x x86_64):

      gcc48-32bit-4.8.5-24.1
      libstdc++48-devel-32bit-4.8.5-24.1

   - SUSE Linux Enterprise Server 12 (x86_64):

      libasan0-32bit-4.8.5-24.1
      libasan0-32bit-debuginfo-4.8.5-24.1
      libasan0-4.8.5-24.1
      libasan0-debuginfo-4.8.5-24.1

   - SUSE Linux Enterprise Server 12 (noarch):

      gcc48-info-4.8.5-24.1

   - SUSE Linux Enterprise Server 12 (s390x):

      libffi48-debugsource-4.8.5-24.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      cpp48-4.8.5-24.1
      cpp48-debuginfo-4.8.5-24.1
      gcc48-32bit-4.8.5-24.1
      gcc48-4.8.5-24.1
      gcc48-c++-4.8.5-24.1
      gcc48-c++-debuginfo-4.8.5-24.1
      gcc48-debuginfo-4.8.5-24.1
      gcc48-debugsource-4.8.5-24.1
      gcc48-gij-32bit-4.8.5-24.1
      gcc48-gij-4.8.5-24.1
      gcc48-gij-debuginfo-32bit-4.8.5-24.1
      gcc48-gij-debuginfo-4.8.5-24.1
      libasan0-32bit-4.8.5-24.1
      libasan0-32bit-debuginfo-4.8.5-24.1
      libasan0-4.8.5-24.1
      libasan0-debuginfo-4.8.5-24.1
      libgcj48-32bit-4.8.5-24.1
      libgcj48-4.8.5-24.1
      libgcj48-debuginfo-32bit-4.8.5-24.1
      libgcj48-debuginfo-4.8.5-24.1
      libgcj48-debugsource-4.8.5-24.1
      libgcj48-jar-4.8.5-24.1
      libgcj_bc1-4.8.5-24.1
      libstdc++48-devel-32bit-4.8.5-24.1
      libstdc++48-devel-4.8.5-24.1

   - SUSE Linux Enterprise Desktop 12 (noarch):

      gcc48-info-4.8.5-24.1


References:

   https://www.suse.com/security/cve/CVE-2015-5276.html
   https://bugzilla.suse.com/945842
   https://bugzilla.suse.com/947772
   https://bugzilla.suse.com/947791
   https://bugzilla.suse.com/948168
   https://bugzilla.suse.com/949000



More information about the sle-security-updates mailing list