lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1YcUrY-0004Td-Cx@titan.mandriva.com>
Date: Mon, 30 Mar 2015 10:16:00 +0200
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2015:170 ] gcc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:170
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : gcc
 Date    : March 30, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated gcc packages fix the following security issue:
 
 Multiple integer overflow issues were found in libgfortran, the
 run-time support library for the Fortran compiler. These could possibly
 be used to crash a Fortran application or cause it to execute arbitrary
 code CVE-2014-5044).
 
 They also fix the following bugs:
 
 The gcc rtl-optimization sched2 miscompiles syscall sequence wich
 can cause random panic in glibc and kernel (gcc/PR61801)
 
 clang++ fails to find cxxabi.h and cxxabi_tweaks.h during build
 (mga#13543)
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5044
 http://advisories.mageia.org/MGASA-2014-0306.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 2/X86_64:
 ba6459e361ef674646c7c4c9dbb7bc99  mbs2/x86_64/gcc-4.8.2-5.1.mbs2.x86_64.rpm
 4931854eae0f31c0692fd02529cdb2c4  mbs2/x86_64/gcc-c++-4.8.2-5.1.mbs2.x86_64.rpm
 06d81754cc48c49ecf453bb1016c0749  mbs2/x86_64/gcc-cpp-4.8.2-5.1.mbs2.x86_64.rpm
 36412262a678f4180641754f0331b1e6  mbs2/x86_64/gcc-doc-4.8.2-5.1.mbs2.noarch.rpm
 ce7727c770409270fe59da4459bce549  mbs2/x86_64/gcc-doc-pdf-4.8.2-5.1.mbs2.noarch.rpm
 283e870ad330408eaf500e9bee543d89  mbs2/x86_64/gcc-gfortran-4.8.2-5.1.mbs2.x86_64.rpm
 03045262f7a3772062e676587b17dfe4  mbs2/x86_64/gcc-gnat-4.8.2-5.1.mbs2.x86_64.rpm
 abeae6b9f2361cb5a930551dceb520c3  mbs2/x86_64/gcc-java-4.8.2-5.1.mbs2.x86_64.rpm
 b50e3e67d3c6542e93826d91faa9529e  mbs2/x86_64/gcc-objc-4.8.2-5.1.mbs2.x86_64.rpm
 c58e9435e5f0f9b92954ca609cca09c0  mbs2/x86_64/gcc-objc++-4.8.2-5.1.mbs2.x86_64.rpm
 c5bf6d07d3096fcc99ccba1cbaa8d914  mbs2/x86_64/gcc-plugins-4.8.2-5.1.mbs2.x86_64.rpm
 50d15d7bd78675abbe87c5410b1813fa  mbs2/x86_64/gcj-tools-4.8.2-5.1.mbs2.x86_64.rpm
 83b5a52d9f232b739818fdb6dacf1c53  mbs2/x86_64/lib64gcj14-4.8.2-5.1.mbs2.x86_64.rpm
 9eacc2a8bdbcfc3688ca1e92bb520395  mbs2/x86_64/lib64gcj_bc1-4.8.2-5.1.mbs2.x86_64.rpm
 da6de30ec90f20a91d97dff2dfabcca1  mbs2/x86_64/lib64gcj-devel-4.8.2-5.1.mbs2.x86_64.rpm
 703709c2995a8493e01a4bede882b679  mbs2/x86_64/lib64gcj-static-devel-4.8.2-5.1.mbs2.x86_64.rpm
 9c29e871dc33ae226f72fce01d0699b5  mbs2/x86_64/libasan0-4.8.2-5.1.mbs2.x86_64.rpm
 f8e1128a346c13a30da8d9e2093be2e0  mbs2/x86_64/libasan-devel-4.8.2-5.1.mbs2.x86_64.rpm
 551a21703f62c6ca434010eb315328ec  mbs2/x86_64/libatomic1-4.8.2-5.1.mbs2.x86_64.rpm
 5300b338ee1b78be849644c4bbcc3e28  mbs2/x86_64/libatomic-devel-4.8.2-5.1.mbs2.x86_64.rpm
 48e82623a5b3c25eed4914642e178fc8  mbs2/x86_64/libgcc1-4.8.2-5.1.mbs2.x86_64.rpm
 dcc2346374a1e293ca90425b48b2293f  mbs2/x86_64/libgcj14-base-4.8.2-5.1.mbs2.x86_64.rpm
 6c488c65cdaf1f35623dd138db094271  mbs2/x86_64/libgcj14-src-4.8.2-5.1.mbs2.x86_64.rpm
 cdf7cc896cb02bb3a8a468d3618135d7  mbs2/x86_64/libgfortran3-4.8.2-5.1.mbs2.x86_64.rpm
 2b66c7207f002a2847b85dac2bbe280b  mbs2/x86_64/libgnat1-4.8.2-5.1.mbs2.x86_64.rpm
 c3afd2ddc6cd6c67bc9e22ec988ee88f  mbs2/x86_64/libgomp1-4.8.2-5.1.mbs2.x86_64.rpm
 c02c7a1a19b45abf54b21bc45b66846c  mbs2/x86_64/libgomp-devel-4.8.2-5.1.mbs2.x86_64.rpm
 0d8837075cc22def07d34843bb069530  mbs2/x86_64/libitm1-4.8.2-5.1.mbs2.x86_64.rpm
 88fde39165d0f5d301efcbaf52753ae7  mbs2/x86_64/libitm-devel-4.8.2-5.1.mbs2.x86_64.rpm
 ffcad7fa410ee670701207b9ed7f63c7  mbs2/x86_64/libmudflap0-4.8.2-5.1.mbs2.x86_64.rpm
 f83f7c31e43b0cf9cd5358d14df29b71  mbs2/x86_64/libmudflap-devel-4.8.2-5.1.mbs2.x86_64.rpm
 477874d761e9d5defa958d1bfca621ce  mbs2/x86_64/libobjc4-4.8.2-5.1.mbs2.x86_64.rpm
 fee115f9249303074ba0099847832f45  mbs2/x86_64/libquadmath0-4.8.2-5.1.mbs2.x86_64.rpm
 87f90458fa35e0092e55d04753616658  mbs2/x86_64/libquadmath-devel-4.8.2-5.1.mbs2.x86_64.rpm
 58f0d2c67eba4e233f0a0d3457d37899  mbs2/x86_64/libstdc++6-4.8.2-5.1.mbs2.x86_64.rpm
 625181b8fca022e2b6fa201ac5817432  mbs2/x86_64/libstdc++-devel-4.8.2-5.1.mbs2.x86_64.rpm
 11aa798cc7ec61fc2f2331de28ced16e  mbs2/x86_64/libstdc++-docs-4.8.2-5.1.mbs2.noarch.rpm
 a6446a827c6f6f63de42dfc4e5de30e2  mbs2/x86_64/libstdc++-static-devel-4.8.2-5.1.mbs2.x86_64.rpm
 82a7116c7ed0d9e47ef0aac472120cb9  mbs2/x86_64/libtsan0-4.8.2-5.1.mbs2.x86_64.rpm
 d418516d321b7dc42ea2a8434f75d310  mbs2/x86_64/libtsan-devel-4.8.2-5.1.mbs2.x86_64.rpm 
 a5bddc5fec6d4314a162a5dcabdfbe4c  mbs2/SRPMS/gcc-4.8.2-5.1.mbs2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVGPg5mqjQ0CJFipgRAurgAKDmS8h+ZC9UTdlIk0wMW9GOFTDSxgCgvsjR
TomVz6DV9ZGXfzS+QLdpSAs=
=VtVs
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ