<div class="container">
    <h1>Security update for gdb</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2023:2485-1</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1068950">#1068950</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1081527">#1081527</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192285">#1192285</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207712">#1207712</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210081">#1210081</a>
                        </li>
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2017-16829.html">CVE-2017-16829</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2018-7208.html">CVE-2018-7208</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2017-16829</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.3</span>
                                <span class="cvss-vector">CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2017-16829</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.8</span>
                                <span class="cvss-vector">CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2018-7208</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">3.3</span>
                                <span class="cvss-vector">CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2018-7208</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.8</span>
                                <span class="cvss-vector">CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Software Development Kit 12 SP5</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves two vulnerabilities, contains two features and has three fixes can now be installed.</p>

    <h2>Description:</h2>
    <p>This update for gdb fixes the following issues:</p>
<p>gdb was updated to 12.1. (jsc#SLE-21561)</p>
<ul>
<li>
<p>DBX mode is deprecated, and will be removed in GDB 13.</p>
</li>
<li>
<p>GDB 12 is the last release of GDB that will support building against
  Python 2.  From GDB 13, it will only be possible to build GDB itself
  with Python 3 support.</p>
</li>
<li>
<p>Improved C++ template support:</p>
</li>
</ul>
<p>GDB now treats functions/types involving C++ templates like it does function
  overloads.  Users may omit parameter lists to set breakpoints on families of
  template functions, including types/functions composed of multiple template types:
    (gdb) break template_func(template_1, int)
  The above will set breakpoints at every function <code>template_func&#x27; where
  the first function parameter is any template type named</code>template_1&#x27; and
  the second function parameter is `int&#x27;.
  TAB completion also gains similar improvements.</p>
<ul>
<li>
<p>New commands:</p>
</li>
<li>
<p>maint set backtrace-on-fatal-signal on|off</p>
</li>
<li>maint show backtrace-on-fatal-signal</li>
</ul>
<p>This setting is &#x27;on&#x27; by default.  When &#x27;on&#x27; GDB will print a limited
  backtrace to stderr in the situation where GDB terminates with a
  fatal signal.  This only supported on some platforms where the
  backtrace and backtrace_symbols_fd functions are available.</p>
<ul>
<li>set source open on|off</li>
<li>show source open</li>
</ul>
<p>This setting, which is on by default, controls whether GDB will try
  to open source code files.  Switching this off will stop GDB trying
  to open and read source code files, which can be useful if the files
  are located over a slow network connection.</p>
<ul>
<li>set varsize-limit</li>
<li>show varsize-limit</li>
</ul>
<p>These are now deprecated aliases for "set max-value-size" and
  "show max-value-size".</p>
<ul>
<li>task apply [all | TASK-IDS...] [FLAG]... COMMAND</li>
</ul>
<p>Like "thread apply", but applies COMMAND to Ada tasks.</p>
<ul>
<li>watch [...] task ID</li>
</ul>
<p>Watchpoints can now be restricted to a specific Ada task.</p>
<ul>
<li>maint set internal-error backtrace on|off</li>
<li>maint show internal-error backtrace</li>
<li>maint set internal-warning backtrace on|off</li>
<li>maint show internal-warning backtrace</li>
</ul>
<p>GDB can now print a backtrace of itself when it encounters either an
  internal-error, or an internal-warning.  This is on by default for
  internal-error and off by default for internal-warning.</p>
<ul>
<li>set logging on|off</li>
</ul>
<p>Deprecated and replaced by "set logging enabled on|off".</p>
<ul>
<li>set logging enabled on|off</li>
<li>show logging enabled</li>
</ul>
<p>These commands set or show whether logging is enabled or disabled.</p>
<ul>
<li>exit</li>
</ul>
<p>You can now exit GDB by using the new command "exit", in addition to
  the existing "quit" command.</p>
<ul>
<li>set debug threads on|off</li>
<li>show debug threads</li>
</ul>
<p>Print additional debug messages about thread creation and deletion.</p>
<ul>
<li>set debug linux-nat on|off</li>
<li>show debug linux-nat</li>
</ul>
<p>These new commands replaced the old &#x27;set debug lin-lwp&#x27; and &#x27;show
  debug lin-lwp&#x27; respectively.  Turning this setting on prints debug
  messages relating to GDB&#x27;s handling of native Linux inferiors.</p>
<ul>
<li>maint flush source-cache</li>
</ul>
<p>Flush the contents of the source code cache.</p>
<ul>
<li>maint set gnu-source-highlight enabled on|off</li>
<li>maint show gnu-source-highlight enabled</li>
</ul>
<p>Whether GDB should use the GNU Source Highlight library for adding
  styling to source code.  When off, the library will not be used, even
  when available.  When GNU Source Highlight isn&#x27;t used, or can&#x27;t add
  styling to a particular source file, then the Python Pygments
  library will be used instead.</p>
<ul>
<li>set suppress-cli-notifications (on|off)</li>
<li>show suppress-cli-notifications</li>
</ul>
<p>This controls whether printing the notifications is suppressed for CLI.
  CLI notifications occur when you change the selected context
  (i.e., the current inferior, thread and/or the frame), or when
  the program being debugged stops (e.g., because of hitting a
  breakpoint, completing source-stepping, an interrupt, etc.).</p>
<ul>
<li>set style disassembler enabled on|off</li>
<li>show style disassembler enabled</li>
</ul>
<p>If GDB is compiled with Python support, and the Python Pygments
  package is available, then, when this setting is on, disassembler
  output will have styling applied.</p>
<ul>
<li>set ada source-charset</li>
<li>show ada source-charset</li>
</ul>
<p>Set the character set encoding that is assumed for Ada symbols.  Valid
  values for this follow the values that can be passed to the GNAT
  compiler via the &#x27;-gnati&#x27; option.  The default is ISO-8859-1.</p>
<ul>
<li>
<p>Changed commands:</p>
</li>
<li>
<p>print</p>
</li>
</ul>
<p>Printing of floating-point values with base-modifying formats like
  /x has been changed to display the underlying bytes of the value in
  the desired base.  This was GDB&#x27;s documented behavior, but was never
  implemented correctly.</p>
<ul>
<li>maint packet</li>
</ul>
<p>This command can now print a reply, if the reply includes
  non-printable characters.  Any non-printable characters are printed
  as escaped hex, e.g. \x?? where &#x27;??&#x27; is replaces with the value of
  the non-printable character.</p>
<ul>
<li>
<p>clone-inferior
  The clone-inferior command now ensures that the TTY, CMD and ARGS
  settings are copied from the original inferior to the new one.
  All modifications to the environment variables done using the &#x27;set
  environment&#x27; or &#x27;unset environment&#x27; commands are also copied to the new
  inferior.</p>
</li>
<li>
<p>set debug lin-lwp on|off</p>
</li>
<li>show debug lin-lwp</li>
</ul>
<p>These commands have been removed from GDB.  The new command &#x27;set
  debug linux-nat&#x27; and &#x27;show debug linux-nat&#x27; should be used
  instead.</p>
<ul>
<li>info win</li>
</ul>
<p>This command now includes information about the width of the tui
  windows in its output.</p>
<ul>
<li>
<p>GDB&#x27;s Ada parser now supports an extension for specifying the exact
  byte contents of a floating-point literal.  This can be useful for
  setting floating-point registers to a precise value without loss of
  precision.  The syntax is an extension of the based literal syntax.
  Use, e.g., "16lf#0123abcd#" -- the number of "l"s controls the width
  of the floating-point type, and the "f" is the marker for floating
  point.</p>
</li>
<li>
<p>MI changes:</p>
</li>
</ul>
<p>** The &#x27;-add-inferior&#x27; with no option flags now inherits the
    connection of the current inferior, this restores the behaviour of
    GDB as it was prior to GDB 10.</p>
<p>** The &#x27;-add-inferior&#x27; command now accepts a &#x27;--no-connection&#x27;
    option, which causes the new inferior to start without a
    connection.</p>
<ul>
<li>Python API:</li>
</ul>
<p>** New function gdb.add_history(), which takes a gdb.Value object
     and adds the value it represents to GDB&#x27;s history list.  An
     integer, the index of the new item in the history list, is
     returned.</p>
<p>** New function gdb.history_count(), which returns the number of
     values in GDB&#x27;s value history.</p>
<p>** New gdb.events.gdb_exiting event.  This event is called with a
     gdb.GdbExitingEvent object which has the read-only attribute
     &#x27;exit_code&#x27;, which contains the value of the GDB exit code.  This
     event is triggered once GDB decides it is going to exit, but
     before GDB starts to clean up its internal state.</p>
<p>** New function gdb.architecture_names(), which returns a list
     containing all of the possible Architecture.name() values.  Each
     entry is a string.</p>
<p>** New function gdb.Architecture.integer_type(), which returns an
     integer type given a size and a signed-ness.</p>
<p>** New gdb.TargetConnection object type that represents a connection
     (as displayed by the &#x27;info connections&#x27; command).  A sub-class,
     gdb.RemoteTargetConnection, is used to represent &#x27;remote&#x27; and
     &#x27;extended-remote&#x27; connections.</p>
<p>** The gdb.Inferior type now has a &#x27;connection&#x27; property which is an
     instance of gdb.TargetConnection, the connection used by this
     inferior.  This can be None if the inferior has no connection.</p>
<p>** New &#x27;gdb.events.connection_removed&#x27; event registry, which emits a
     &#x27;gdb.ConnectionEvent&#x27; when a connection is removed from GDB.
     This event has a &#x27;connection&#x27; property, a gdb.TargetConnection
     object for the connection being removed.</p>
<p>** New gdb.connections() function that returns a list of all
     currently active connections.</p>
<p>** New gdb.RemoteTargetConnection.send_packet(PACKET) method.  This
     is equivalent to the existing &#x27;maint packet&#x27; CLI command; it
     allows a user specified packet to be sent to the remote target.</p>
<p>** New function gdb.host_charset(), returns a string, which is the
     name of the current host charset.</p>
<p>** New gdb.set_parameter(NAME, VALUE).  This sets the gdb parameter
     NAME to VALUE.</p>
<p>** New gdb.with_parameter(NAME, VALUE).  This returns a context
     manager that temporarily sets the gdb parameter NAME to VALUE,
     then resets it when the context is exited.</p>
<p>** The gdb.Value.format_string method now takes a &#x27;styling&#x27;
     argument, which is a boolean.  When true, the returned string can
     include escape sequences to apply styling.  The styling will only
     be present if styling is otherwise turned on in GDB (see &#x27;help
     set styling&#x27;).  When false, which is the default if the argument
     is not given, then no styling is applied to the returned string.</p>
<p>** New read-only attribute gdb.InferiorThread.details, which is
     either a string, containing additional, target specific thread
     state information, or None, if there is no such additional
     information.</p>
<p>** New read-only attribute gdb.Type.is_scalar, which is True for
     scalar types, and False for all other types.</p>
<p>** New read-only attribute gdb.Type.is_signed.  This attribute
     should only be read when Type.is_scalar is True, and will be True
     for signed types, and False for all other types.  Attempting to
     read this attribute for non-scalar types will raise a ValueError.</p>
<p>** It is now possible to add GDB/MI commands implemented in Python.</p>
<ul>
<li>
<p>Update libipt to v2.0.5.</p>
</li>
<li>
<p>CVE-2018-7208: Fixed improper bounds check in coffgen.c:coff_pointerize_aux() that allowed for denial of service when parsing a crafted COFF file (bsc#1081527).</p>
</li>
<li>CVE-2017-16829: Fixed possible remote denial of service via the _bfd_elf_parse_gnu_properties() function in elf-properties.c (bsc#1068950).</li>
</ul>
<p>Bug fixes:</p>
<ul>
<li>Fixed license (bsc#1210081).</li>
<li>Advertises RHEL version support status (bsc#1207712).</li>
<li>Fixed crashes while debugging a clang-cpp app (bsc#1192285).</li>
</ul>

    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE Moderate update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                SUSE Linux Enterprise Software Development Kit 12 SP5
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-2485=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                SUSE Linux Enterprise High Performance Computing 12 SP5
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2485=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                SUSE Linux Enterprise Server 12 SP5
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2485=1</code>
                    
                    
                
            </li>
        
            <li class="list-group-item">
                SUSE Linux Enterprise Server for SAP Applications 12 SP5
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2485=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>gdb-debuginfo-12.1-2.20.1</li>
                        
                            <li>gdb-debugsource-12.1-2.20.1</li>
                        
                            <li>gdbserver-12.1-2.20.1</li>
                        
                            <li>gdbserver-debuginfo-12.1-2.20.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    SUSE Linux Enterprise Software Development Kit 12 SP5 (s390x)
                    <ul>
                        
                            <li>gdb-debuginfo-32bit-12.1-2.20.1</li>
                        
                            <li>gdbserver-debuginfo-32bit-12.1-2.20.1</li>
                        
                            <li>gdbserver-32bit-12.1-2.20.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
                    <ul>
                        
                            <li>gdb-12.1-2.20.1</li>
                        
                            <li>gdb-debugsource-12.1-2.20.1</li>
                        
                            <li>gdb-debuginfo-12.1-2.20.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>gdb-12.1-2.20.1</li>
                        
                            <li>gdb-debugsource-12.1-2.20.1</li>
                        
                            <li>gdb-debuginfo-12.1-2.20.1</li>
                        
                    </ul>
                </li>
            
        
            
                <li>
                    SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
                    <ul>
                        
                            <li>gdb-12.1-2.20.1</li>
                        
                            <li>gdb-debugsource-12.1-2.20.1</li>
                        
                            <li>gdb-debuginfo-12.1-2.20.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2017-16829.html">https://www.suse.com/security/cve/CVE-2017-16829.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2018-7208.html">https://www.suse.com/security/cve/CVE-2018-7208.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1068950">https://bugzilla.suse.com/show_bug.cgi?id=1068950</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1081527">https://bugzilla.suse.com/show_bug.cgi?id=1081527</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192285">https://bugzilla.suse.com/show_bug.cgi?id=1192285</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207712">https://bugzilla.suse.com/show_bug.cgi?id=1207712</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210081">https://bugzilla.suse.com/show_bug.cgi?id=1210081</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/SLE-21561">https://jira.suse.com/browse/SLE-21561</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/SLE-22287">https://jira.suse.com/browse/SLE-22287</a>
                    </li>
                
            
        </ul>
    
</div>