Security update for gcc5

SUSE Security Update: Security update for gcc5
Announcement ID: SUSE-SU-2016:0908-1
Rating: moderate
References: #939460 #945842 #953831 #955382 #962765 #964468 #966220 #968771
Affected Products:
  • SUSE Linux Enterprise Debuginfo 11-SP4
    		•

    An update that solves one vulnerability and has 7 fixes is now available.

    Description:


    The GNU Compiler Collection was updated to version 5.3.1, which brings
    several fixes and enhancements.

    The following security issue has been fixed:

    - Fix C++11 std::random_device short read issue that could lead to
    predictable randomness. (CVE-2015-5276, bsc#945842)

    The following non-security issues have been fixed:

    - Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned.
    Fixes internal compiler error when building Wine. (bsc#966220)
    - Fix a PowerPC specific issue in gcc-go that broke compilation of newer
    versions of Docker. (bsc#964468)
    - Fix HTM built-ins on PowerPC. (bsc#955382)
    - Fix libgo certificate lookup. (bsc#953831)
    - Suppress deprecated-declarations warnings for inline definitions of
    deprecated virtual methods. (bsc#939460)
    - Revert accidental libffi ABI breakage on aarch64. (bsc#968771)
    - On x86_64, set default 32bit code generation to -march=x86-64 rather
    than -march=i586.
    - Add experimental File System TS library.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Debuginfo 11-SP4:
      zypper in -t patch dbgsp4-gcc5-12477=1

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64):
      • gcc5-debuginfo-5.3.1+r233831-10.1
      • libffi-gcc5-debuginfo-5.3.1+r233831-10.1
    • SUSE Linux Enterprise Debuginfo 11-SP4 (ia64):
      • gcc5-debugsource-5.3.1+r233831-10.1

    References: