SUSE-SU-2017:0379-1: moderate: Security update for gcc48

sle-security-updates at lists.suse.com
Fri Feb 3 16:07:36 MST 2017


   SUSE Security Update: Security update for gcc48
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:0379-1
Rating:             moderate
References:         #1011348 #889990 #899871 #917169 #919274 
                    #922534 #924525 #924687 #930176 #934689 #945842 
                    #947772 #947791 #948168 #949000 #951644 #955382 
                    #970009 #976627 #977654 #981311 #988274 
Cross-References:   CVE-2015-5276
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that solves one vulnerability and has 21 fixes is
   now available.

Description:


   This update for gcc48 to version 4.8.5 fixes several issues.

   This security issue was fixed:

   - CVE-2015-5276: The std::random_device class in libstdc++ did not
     properly handle short reads from blocking sources, which made it easier
     for context-dependent attackers to predict the random values via
     unspecified vectors (bsc#945842).
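
   Added example (not part of the SUSE advisory and not libstdc++ source):
   the general short-read pattern behind this class of bug, next to a read
   loop that fills every byte. The function names and the datagram
   socketpair used as a short-reading source are constructed assumptions.

```cpp
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#include <sys/socket.h>
#include <unistd.h>

// Unsafe pattern: a single read() whose byte count is ignored. A short read
// leaves the tail of `v` at its initial, predictable value.
std::uint32_t naive_word(int fd) {
    std::uint32_t v = 0;
    if (::read(fd, &v, sizeof v) < 0) throw std::runtime_error("read failed");
    return v;
}

// Hardened pattern: loop until every byte is filled, retry on EINTR, and
// treat EOF or an error as failure instead of returning a partial value.
std::uint32_t full_word(int fd) {
    std::uint32_t v = 0;
    unsigned char *p = reinterpret_cast<unsigned char *>(&v);
    size_t left = sizeof v;
    while (left > 0) {
        ssize_t n = ::read(fd, p, left);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) throw std::runtime_error("entropy source failed");
        p += n;
        left -= static_cast<size_t>(n);
    }
    return v;
}

// Constructed stand-in for a blocking source that returns short reads: a
// datagram socketpair hands back at most one 2-byte message per read().
// Returns how many bytes of the resulting word are still zero (unfilled).
int unfilled_bytes(bool hardened) {
    int sv[2];
    if (::socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0) return -1;
    const unsigned char a[2] = {0xA1, 0xB2}, b[2] = {0xC3, 0xD4};
    if (::write(sv[1], a, 2) != 2 || ::write(sv[1], b, 2) != 2) return -1;
    std::uint32_t v = hardened ? full_word(sv[0]) : naive_word(sv[0]);
    ::close(sv[0]); ::close(sv[1]);
    unsigned char bytes[sizeof v];
    std::memcpy(bytes, &v, sizeof v);
    int zeros = 0;
    for (unsigned char c : bytes) zeros += (c == 0);
    return zeros;
}
int main() { std::printf("naive: %d unfilled, loop: %d unfilled\n", unfilled_bytes(false), unfilled_bytes(true)); }
```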

   These non-security issues were fixed:

   - Provide missing libasan0-32bit and other multilibs via the updated
     product description [bsc#951644]
   - Fixed libffi issue for armv7l [bsc#988274]
   - Fixed a kernel miscompile on aarch64 [bnc#981311]
   - Fixed a ppc64le ICE. [bnc#976627]
   - Fixed issue with using gcov and #pragma pack [bsc#977654]
   - Fixed samba build on AARCH64 [bsc#970009]
   - Fixed HTM builtins on powerpc [bsc#955382]
   - Fixed build of SLOF [bsc#949000]
   - Fixed libffi issues on aarch64 [bsc#948168]
   - Fixed no_instrument_function attribute handling on PPC64 with
     -mprofile-kernel [bsc#947791]
   - Fixed bogus integer overflow in constant expression [bsc#934689]
   - Fixed ICE with atomics on aarch64 [bsc#930176]
   - Fixed -imacros bug [bsc#917169]
   - Fixed incorrect -Warray-bounds warnings [bsc#919274]
   - Updated -mhotpatch for s390x [bsc#924525]
   - Fixed ppc64le issue with doubleword vector extract [bsc#924687]
   - Fixed reload issue on S390.
   - Keep functions leaf when they are instrumented for profiling on s390[x]
     [bsc#899871]
   - Avoid accessing invalid memory when passing aggregates by value
     [bsc#922534]
   - Rework of the memory allocator for C++ exceptions used in OOM situations
     [bsc#889990]


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11-SP4:

      zypper in -t patch sdksp4-gcc48-12968=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-gcc48-12968=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      cpp48-4.8.5-4.2
      gcc48-4.8.5-4.2
      gcc48-c++-4.8.5-4.2
      gcc48-fortran-4.8.5-4.2
      gcc48-info-4.8.5-4.2
      gcc48-locale-4.8.5-4.2
      libstdc++48-devel-4.8.5-4.2

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64):

      gcc48-32bit-4.8.5-4.2
      gcc48-fortran-32bit-4.8.5-4.2
      libstdc++48-devel-32bit-4.8.5-4.2

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 x86_64):

      libasan0-4.8.5-4.2

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 x86_64):

      libasan0-32bit-4.8.5-4.2

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      gcc48-debuginfo-4.8.5-4.2

   - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64):

      gcc48-debugsource-4.8.5-4.2


References:

   https://www.suse.com/security/cve/CVE-2015-5276.html
   https://bugzilla.suse.com/1011348
   https://bugzilla.suse.com/889990
   https://bugzilla.suse.com/899871
   https://bugzilla.suse.com/917169
   https://bugzilla.suse.com/919274
   https://bugzilla.suse.com/922534
   https://bugzilla.suse.com/924525
   https://bugzilla.suse.com/924687
   https://bugzilla.suse.com/930176
   https://bugzilla.suse.com/934689
   https://bugzilla.suse.com/945842
   https://bugzilla.suse.com/947772
   https://bugzilla.suse.com/947791
   https://bugzilla.suse.com/948168
   https://bugzilla.suse.com/949000
   https://bugzilla.suse.com/951644
   https://bugzilla.suse.com/955382
   https://bugzilla.suse.com/970009
   https://bugzilla.suse.com/976627
   https://bugzilla.suse.com/977654
   https://bugzilla.suse.com/981311
   https://bugzilla.suse.com/988274


