Lucene search

CentOS ProjectCESA-2018:0849

HistoryApr 26, 2018 - 5:41 p.m.

cpp, gcc, libasan, libatomic, libgcc, libgfortran, libgnat, libgo, libgomp, libitm, libmudflap, libobjc, libquadmath, libstdc++, libtsan security update

2018-04-2617:41:24

CentOS Project

lists.centos.org

292

4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

51.8%

JSON

CentOS Errata and Security Advisory CESA-2018:0849

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

Security Fix(es):

gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2018-April/031073.html

Affected packages:
cpp
gcc
gcc-c++
gcc-gfortran
gcc-gnat
gcc-go
gcc-objc
gcc-objc++
gcc-plugin-devel
libasan
libasan-static
libatomic
libatomic-static
libgcc
libgfortran
libgfortran-static
libgnat
libgnat-devel
libgnat-static
libgo
libgo-devel
libgo-static
libgomp
libitm
libitm-devel
libitm-static
libmudflap
libmudflap-devel
libmudflap-static
libobjc
libquadmath
libquadmath-devel
libquadmath-static
libstdc++
libstdc+±devel
libstdc+±docs
libstdc+±static
libtsan
libtsan-static

Upstream details at:
https://access.redhat.com/errata/RHSA-2018:0849

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64cpp< 4.8.5-28.el7cpp-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc< 4.8.5-28.el7gcc-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-c++< 4.8.5-28.el7gcc-c++-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-gfortran< 4.8.5-28.el7gcc-gfortran-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-gnat< 4.8.5-28.el7gcc-gnat-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-go< 4.8.5-28.el7gcc-go-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-objc< 4.8.5-28.el7gcc-objc-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-objc++< 4.8.5-28.el7gcc-objc++-4.8.5-28.el7.x86_64.rpm
CentOS7x86_64gcc-plugin-devel< 4.8.5-28.el7gcc-plugin-devel-4.8.5-28.el7.x86_64.rpm
CentOS7i686libasan< 4.8.5-28.el7libasan-4.8.5-28.el7.i686.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	x86_64	cpp	< 4.8.5-28.el7	cpp-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc	< 4.8.5-28.el7	gcc-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-c++	< 4.8.5-28.el7	gcc-c++-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-gfortran	< 4.8.5-28.el7	gcc-gfortran-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-gnat	< 4.8.5-28.el7	gcc-gnat-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-go	< 4.8.5-28.el7	gcc-go-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-objc	< 4.8.5-28.el7	gcc-objc-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-objc++	< 4.8.5-28.el7	gcc-objc++-4.8.5-28.el7.x86_64.rpm
CentOS	7	x86_64	gcc-plugin-devel	< 4.8.5-28.el7	gcc-plugin-devel-4.8.5-28.el7.x86_64.rpm
CentOS	7	i686	libasan	< 4.8.5-28.el7	libasan-4.8.5-28.el7.i686.rpm