SUSE-CU-2020:56-1: Security update of suse/sles12sp4
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Feb 19 11:35:56 MST 2020
SUSE Container Update Advisory: suse/sles12sp4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:56-1
Container Tags : suse/sles12sp4:26.137 , suse/sles12sp4:latest
Container Release : 26.137
Severity : moderate
Type : security
References : 1114592 1135254 1141897 1142649 1142654 1148517 1149145 CVE-2019-14250
CVE-2019-15847
-----------------------------------------------------------------
The container suse/sles12sp4 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:394-1
Released: Tue Feb 18 14:08:00 2020
Summary: Security update for gcc9
Type: security
Severity: moderate
References: 1114592,1135254,1141897,1142649,1142654,1148517,1149145,CVE-2019-14250,CVE-2019-15847
Description:
This update for gcc9 fixes the following issues:
The GNU Compiler Collection is shipped in version 9.
A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html
The compilers have been added to the SUSE Linux Enterprise Toolchain Module.
To use these compilers, install e.g. gcc9, gcc9-c++ and build with CC=gcc-9
CXX=g++-9 set.
For SUSE Linux Enterprise base products, the libstdc++6, libgcc_s1 and
other compiler libraries have been switched from their gcc8 variants to
their gcc9 variants.
Security issues fixed:
- CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)
- CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)
Non-security issues fixed:
- Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)
- Fixed miscompilation for vector shift on s390. (bsc#1141897)
More information about the sle-security-updates
mailing list