| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Mar 2015 10:16:00 +0200 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDVSA-2015:170 ] gcc -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:170 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : gcc Date : March 30, 2015 Affected: Business Server 2.0 _______________________________________________________________________ Problem Description: Updated gcc packages fix the following security issue: Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code CVE-2014-5044). They also fix the following bugs: The gcc rtl-optimization sched2 miscompiles syscall sequence wich can cause random panic in glibc and kernel (gcc/PR61801) clang++ fails to find cxxabi.h and cxxabi_tweaks.h during build (mga#13543) _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5044 http://advisories.mageia.org/MGASA-2014-0306.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: ba6459e361ef674646c7c4c9dbb7bc99 mbs2/x86_64/gcc-4.8.2-5.1.mbs2.x86_64.rpm 4931854eae0f31c0692fd02529cdb2c4 mbs2/x86_64/gcc-c++-4.8.2-5.1.mbs2.x86_64.rpm 06d81754cc48c49ecf453bb1016c0749 mbs2/x86_64/gcc-cpp-4.8.2-5.1.mbs2.x86_64.rpm 36412262a678f4180641754f0331b1e6 mbs2/x86_64/gcc-doc-4.8.2-5.1.mbs2.noarch.rpm ce7727c770409270fe59da4459bce549 mbs2/x86_64/gcc-doc-pdf-4.8.2-5.1.mbs2.noarch.rpm 283e870ad330408eaf500e9bee543d89 mbs2/x86_64/gcc-gfortran-4.8.2-5.1.mbs2.x86_64.rpm 03045262f7a3772062e676587b17dfe4 mbs2/x86_64/gcc-gnat-4.8.2-5.1.mbs2.x86_64.rpm abeae6b9f2361cb5a930551dceb520c3 mbs2/x86_64/gcc-java-4.8.2-5.1.mbs2.x86_64.rpm b50e3e67d3c6542e93826d91faa9529e mbs2/x86_64/gcc-objc-4.8.2-5.1.mbs2.x86_64.rpm c58e9435e5f0f9b92954ca609cca09c0 mbs2/x86_64/gcc-objc++-4.8.2-5.1.mbs2.x86_64.rpm c5bf6d07d3096fcc99ccba1cbaa8d914 mbs2/x86_64/gcc-plugins-4.8.2-5.1.mbs2.x86_64.rpm 50d15d7bd78675abbe87c5410b1813fa mbs2/x86_64/gcj-tools-4.8.2-5.1.mbs2.x86_64.rpm 83b5a52d9f232b739818fdb6dacf1c53 mbs2/x86_64/lib64gcj14-4.8.2-5.1.mbs2.x86_64.rpm 9eacc2a8bdbcfc3688ca1e92bb520395 mbs2/x86_64/lib64gcj_bc1-4.8.2-5.1.mbs2.x86_64.rpm da6de30ec90f20a91d97dff2dfabcca1 mbs2/x86_64/lib64gcj-devel-4.8.2-5.1.mbs2.x86_64.rpm 703709c2995a8493e01a4bede882b679 mbs2/x86_64/lib64gcj-static-devel-4.8.2-5.1.mbs2.x86_64.rpm 9c29e871dc33ae226f72fce01d0699b5 mbs2/x86_64/libasan0-4.8.2-5.1.mbs2.x86_64.rpm f8e1128a346c13a30da8d9e2093be2e0 mbs2/x86_64/libasan-devel-4.8.2-5.1.mbs2.x86_64.rpm 551a21703f62c6ca434010eb315328ec mbs2/x86_64/libatomic1-4.8.2-5.1.mbs2.x86_64.rpm 5300b338ee1b78be849644c4bbcc3e28 mbs2/x86_64/libatomic-devel-4.8.2-5.1.mbs2.x86_64.rpm 48e82623a5b3c25eed4914642e178fc8 mbs2/x86_64/libgcc1-4.8.2-5.1.mbs2.x86_64.rpm dcc2346374a1e293ca90425b48b2293f mbs2/x86_64/libgcj14-base-4.8.2-5.1.mbs2.x86_64.rpm 6c488c65cdaf1f35623dd138db094271 mbs2/x86_64/libgcj14-src-4.8.2-5.1.mbs2.x86_64.rpm cdf7cc896cb02bb3a8a468d3618135d7 mbs2/x86_64/libgfortran3-4.8.2-5.1.mbs2.x86_64.rpm 2b66c7207f002a2847b85dac2bbe280b mbs2/x86_64/libgnat1-4.8.2-5.1.mbs2.x86_64.rpm c3afd2ddc6cd6c67bc9e22ec988ee88f mbs2/x86_64/libgomp1-4.8.2-5.1.mbs2.x86_64.rpm c02c7a1a19b45abf54b21bc45b66846c mbs2/x86_64/libgomp-devel-4.8.2-5.1.mbs2.x86_64.rpm 0d8837075cc22def07d34843bb069530 mbs2/x86_64/libitm1-4.8.2-5.1.mbs2.x86_64.rpm 88fde39165d0f5d301efcbaf52753ae7 mbs2/x86_64/libitm-devel-4.8.2-5.1.mbs2.x86_64.rpm ffcad7fa410ee670701207b9ed7f63c7 mbs2/x86_64/libmudflap0-4.8.2-5.1.mbs2.x86_64.rpm f83f7c31e43b0cf9cd5358d14df29b71 mbs2/x86_64/libmudflap-devel-4.8.2-5.1.mbs2.x86_64.rpm 477874d761e9d5defa958d1bfca621ce mbs2/x86_64/libobjc4-4.8.2-5.1.mbs2.x86_64.rpm fee115f9249303074ba0099847832f45 mbs2/x86_64/libquadmath0-4.8.2-5.1.mbs2.x86_64.rpm 87f90458fa35e0092e55d04753616658 mbs2/x86_64/libquadmath-devel-4.8.2-5.1.mbs2.x86_64.rpm 58f0d2c67eba4e233f0a0d3457d37899 mbs2/x86_64/libstdc++6-4.8.2-5.1.mbs2.x86_64.rpm 625181b8fca022e2b6fa201ac5817432 mbs2/x86_64/libstdc++-devel-4.8.2-5.1.mbs2.x86_64.rpm 11aa798cc7ec61fc2f2331de28ced16e mbs2/x86_64/libstdc++-docs-4.8.2-5.1.mbs2.noarch.rpm a6446a827c6f6f63de42dfc4e5de30e2 mbs2/x86_64/libstdc++-static-devel-4.8.2-5.1.mbs2.x86_64.rpm 82a7116c7ed0d9e47ef0aac472120cb9 mbs2/x86_64/libtsan0-4.8.2-5.1.mbs2.x86_64.rpm d418516d321b7dc42ea2a8434f75d310 mbs2/x86_64/libtsan-devel-4.8.2-5.1.mbs2.x86_64.rpm a5bddc5fec6d4314a162a5dcabdfbe4c mbs2/SRPMS/gcc-4.8.2-5.1.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFVGPg5mqjQ0CJFipgRAurgAKDmS8h+ZC9UTdlIk0wMW9GOFTDSxgCgvsjR TomVz6DV9ZGXfzS+QLdpSAs= =VtVs -----END PGP SIGNATURE-----
Powered by blists - more mailing lists