ALEA-2019:3454 new packages: gcc-toolset-9-systemtap

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-systemtap packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GC...

new packages: gcc-toolset-9-systemtap

An update is available for gcc-toolset-9-systemtap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versio...

ALBA-2019:3449 new packages: gcc-toolset-9-dyninst

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...

new packages: gcc-toolset-9-dyninst

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...

new packages: gcc-toolset-9-valgrind

An update is available for gcc-toolset-9-valgrind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent version...

new packages: gcc-toolset-9-elfutils

An update is available for gcc-toolset-9-elfutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent version...

new packages: gcc-toolset-9-dwz

An update is available for gcc-toolset-9-dwz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions of...

new packages: gcc-toolset-9-dwz

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dwz packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...

ALBA-2019:3439 new packages: gcc-toolset-9-dwz

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dwz packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GCC...

DEBIAN-CVE-2012-6123

Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."...

JavaScriptCore - GetterSetter Type Confusion During DFG Compilation Exploit

The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter = whatever: 42; function v2v5 const v10 = Object; if v5 const v1...

JavaScriptCore GetterSetter Type Confusion

JSC: GetterSetter type confusion during DFG compilation The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter =...

CVE-2002-2439

operator new sometimes returns pointers to heap blocks which are too small. When a new array is allocated, the C++ run-time has to calculate its size. The product may exceed the maximum value which can be stored in a machine register. This error is ignored, and the truncated value is used for the...

CVE-2018-12549

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it...

CVE-2018-12387

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

ALPINE-CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

Design/Logic Flaw

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...