Security update for gcc5

Announcement ID: SUSE-SU-2016:0908-1
Rating: moderate
References:
Cross-References:
CVSS scores:
Affected Products:
  • SLES for SAP Applications 11-SP4
  • SUSE Linux Enterprise Desktop 11 SP4
  • SUSE Linux Enterprise Server 11 SP4
  • SUSE Linux Enterprise Software Development Kit 11 SP4

An update that solves one vulnerability and has seven security fixes can now be installed.

Description:

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements.

The following security issue has been fixed:

  • Fix C++11 std::random_device short read issue that could lead to predictable randomness. (CVE-2015-5276, bsc#945842)

The following non-security issues have been fixed:

  • Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned. Fixes internal compiler error when building Wine. (bsc#966220)
  • Fix a PowerPC specific issue in gcc-go that broke compilation of newer versions of Docker. (bsc#964468)
  • Fix HTM built-ins on PowerPC. (bsc#955382)
  • Fix libgo certificate lookup. (bsc#953831)
  • Suppress deprecated-declarations warnings for inline definitions of deprecated virtual methods. (bsc#939460)
  • Revert accidental libffi ABI breakage on aarch64. (bsc#968771)
  • On x86_64, set default 32bit code generation to -march=x86-64 rather than -march=i586.
  • Add experimental File System TS library.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Desktop 11 SP4
    zypper in -t patch sledsp4-gcc5-12484=1
  • SUSE Linux Enterprise Software Development Kit 11 SP4
    zypper in -t patch sdksp4-gcc5-12484=1
  • SUSE Linux Enterprise Server 11 SP4
    zypper in -t patch slessp4-gcc5-12484=1
  • SLES for SAP Applications 11-SP4
    zypper in -t patch slessp4-gcc5-12484=1

Package List:

  • SUSE Linux Enterprise Desktop 11 SP4 (x86_64 i586)
    • libgfortran3-5.3.1+r233831-10.1
    • libgcc_s1-5.3.1+r233831-10.1
    • libstdc++6-locale-5.3.1+r233831-10.1
    • libquadmath0-5.3.1+r233831-10.1
    • libgomp1-5.3.1+r233831-10.1
    • libstdc++6-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Desktop 11 SP4 (x86_64)
    • libquadmath0-32bit-5.3.1+r233831-10.1
    • libgomp1-32bit-5.3.1+r233831-10.1
    • libgcc_s1-32bit-5.3.1+r233831-10.1
    • libstdc++6-32bit-5.3.1+r233831-10.1
    • libgfortran3-32bit-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (ppc64 x86_64 i586)
    • libasan2-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (ia64 i586)
    • libgfortran3-5.3.1+r233831-10.1
    • libatomic1-5.3.1+r233831-10.1
    • libquadmath0-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (x86_64 i586)
    • libcilkrts5-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (ppc64 s390x x86_64 i586)
    • libitm1-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (s390x x86_64 i586 ppc64 ia64)
    • libstdc++6-devel-gcc5-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (ppc64 s390x x86_64)
    • libffi-devel-gcc5-5.3.1+r233831-10.1
    • libstdc++6-devel-gcc5-32bit-5.3.1+r233831-10.1
    • gcc5-32bit-5.3.1+r233831-10.1
    • gcc5-locale-5.3.1+r233831-10.1
    • cpp5-5.3.1+r233831-10.1
    • libffi-devel-gcc5-32bit-5.3.1+r233831-10.1
    • gcc5-c++-32bit-5.3.1+r233831-10.1
    • gcc5-c++-5.3.1+r233831-10.1
    • gcc5-fortran-5.3.1+r233831-10.1
    • gcc5-info-5.3.1+r233831-10.1
    • gcc5-5.3.1+r233831-10.1
    • libitm1-32bit-5.3.1+r233831-10.1
    • gcc5-fortran-32bit-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (ppc64 x86_64)
    • libubsan0-32bit-5.3.1+r233831-10.1
    • libasan2-32bit-5.3.1+r233831-10.1
    • libubsan0-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Software Development Kit 11 SP4 (x86_64)
    • libtsan0-5.3.1+r233831-10.1
    • liblsan0-5.3.1+r233831-10.1
    • libcilkrts5-32bit-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
    • libgfortran3-5.3.1+r233831-10.1
    • libgcc_s1-5.3.1+r233831-10.1
    • libstdc++6-locale-5.3.1+r233831-10.1
    • libgomp1-5.3.1+r233831-10.1
    • libstdc++6-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Server 11 SP4 (ia64 x86_64 i586)
    • libquadmath0-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64)
    • libgomp1-32bit-5.3.1+r233831-10.1
    • libffi4-32bit-5.3.1+r233831-10.1
    • libffi4-5.3.1+r233831-10.1
    • libgcc_s1-32bit-5.3.1+r233831-10.1
    • libstdc++6-32bit-5.3.1+r233831-10.1
    • libatomic1-5.3.1+r233831-10.1
    • libatomic1-32bit-5.3.1+r233831-10.1
    • libgfortran3-32bit-5.3.1+r233831-10.1
  • SUSE Linux Enterprise Server 11 SP4 (x86_64)
    • libquadmath0-32bit-5.3.1+r233831-10.1
  • SLES for SAP Applications 11-SP4 (ppc64 x86_64)
    • libgfortran3-5.3.1+r233831-10.1
    • libgomp1-5.3.1+r233831-10.1
    • libgomp1-32bit-5.3.1+r233831-10.1
    • libffi4-32bit-5.3.1+r233831-10.1
    • libgcc_s1-5.3.1+r233831-10.1
    • libffi4-5.3.1+r233831-10.1
    • libgcc_s1-32bit-5.3.1+r233831-10.1
    • libstdc++6-locale-5.3.1+r233831-10.1
    • libstdc++6-32bit-5.3.1+r233831-10.1
    • libatomic1-5.3.1+r233831-10.1
    • libatomic1-32bit-5.3.1+r233831-10.1
    • libgfortran3-32bit-5.3.1+r233831-10.1
    • libstdc++6-5.3.1+r233831-10.1
  • SLES for SAP Applications 11-SP4 (x86_64)
    • libquadmath0-32bit-5.3.1+r233831-10.1
    • libquadmath0-5.3.1+r233831-10.1

References: