SUSE-SU-2017:2380-1

Source
https://www.suse.com/support/update/announcement/2017/suse-su-20172380-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2380-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:2380-1
Related
Published
2017-09-06T12:32:12Z
Modified
2025-05-02T04:06:10.902306Z
Upstream
Summary
Security update for gcc48
Details

This update for gcc48 fixes the following issues:

Security issues fixed:

  • A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513]
  • CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947]

Bugs fixed:

  • Enable LFS support in 32bit libgcov.a. [bsc#1044016]
  • Bump libffi version in libffi.pc to 3.0.11.
  • Properly diagnose missing -fsanitize=address support on ppc64le. [bsc#1028744]
  • Backport patch for PR65612. [bsc#1022062]
References

Affected packages

SUSE:Linux Enterprise Software Development Kit 11 SP4 / gcc48

Package

Name
gcc48
Purl
pkg:rpm/suse/gcc48&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.8.5-5.3.1

Ecosystem specific

{
    "binaries": [
        {
            "gcc48-info": "4.8.5-5.3.1",
            "libstdc++48-devel": "4.8.5-5.3.1",
            "gcc48-c++": "4.8.5-5.3.1",
            "gcc48-fortran-32bit": "4.8.5-5.3.1",
            "gcc48-fortran": "4.8.5-5.3.1",
            "cpp48": "4.8.5-5.3.1",
            "gcc48-32bit": "4.8.5-5.3.1",
            "libasan0-32bit": "4.8.5-5.3.1",
            "libstdc++48-devel-32bit": "4.8.5-5.3.1",
            "gcc48": "4.8.5-5.3.1",
            "libasan0": "4.8.5-5.3.1",
            "gcc48-locale": "4.8.5-5.3.1"
        }
    ]
}