openSUSE Security Update : gcc5 (openSUSE-2016-472)

medium Nessus Plugin ID 90562

Synopsis

The remote openSUSE host is missing a security update.

Description

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements.

The following security issue has been fixed :

- Fix C++11 std::random_device short read issue that could lead to predictable randomness. (CVE-2015-5276, bsc#945842)

The following non-security issues have been fixed :

- Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned. Fixes internal compiler error when building Wine. (bsc#966220)

- Fix a PowerPC specific issue in gcc-go that broke compilation of newer versions of Docker. (bsc#964468)

- Fix HTM built-ins on PowerPC. (bsc#955382)

- Fix libgo certificate lookup. (bsc#953831)

- Suppress deprecated-declarations warnings for inline definitions of deprecated virtual methods. (bsc#939460)

- Build s390[x] with '--with-tune=z9-109 --with-arch=z900' on SLE11 again. (bsc#954002)

- Revert accidental libffi ABI breakage on aarch64.
(bsc#968771)

- On x86_64, set default 32bit code generation to
-march=x86-64 rather than -march=i586.

- Add experimental File System TS library. This update was imported from the SUSE:SLE-12:Update update project.

Solution

Update the affected gcc5 packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=939460

https://bugzilla.opensuse.org/show_bug.cgi?id=945842

https://bugzilla.opensuse.org/show_bug.cgi?id=952151

https://bugzilla.opensuse.org/show_bug.cgi?id=953831

https://bugzilla.opensuse.org/show_bug.cgi?id=954002

https://bugzilla.opensuse.org/show_bug.cgi?id=955382

https://bugzilla.opensuse.org/show_bug.cgi?id=962765

https://bugzilla.opensuse.org/show_bug.cgi?id=964468

https://bugzilla.opensuse.org/show_bug.cgi?id=966220

https://bugzilla.opensuse.org/show_bug.cgi?id=968771

Plugin Details

Severity: Medium

ID: 90562

File Name: openSUSE-2016-472.nasl

Version: 2.3

Type: local

Agent: unix

Published: 4/18/2016

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmpx0-32bit, p-cpe:/a:novell:opensuse:gcc5-testresults, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-locale, p-cpe:/a:novell:opensuse:libatomic1-32bit, p-cpe:/a:novell:opensuse:libstdc%2b%2b6, p-cpe:/a:novell:opensuse:libada5, p-cpe:/a:novell:opensuse:liblsan0-debuginfo, p-cpe:/a:novell:opensuse:libgomp1-debuginfo, p-cpe:/a:novell:opensuse:libgomp1-32bit-debuginfo, p-cpe:/a:novell:opensuse:libffi4, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-debuginfo, p-cpe:/a:novell:opensuse:libasan2, p-cpe:/a:novell:opensuse:libgomp1-32bit, p-cpe:/a:novell:opensuse:libffi4-32bit-debuginfo, p-cpe:/a:novell:opensuse:libgcc_s1-32bit-debuginfo, p-cpe:/a:novell:opensuse:libubsan0, p-cpe:/a:novell:opensuse:cpp5, p-cpe:/a:novell:opensuse:libgo7-debuginfo, p-cpe:/a:novell:opensuse:libitm1-32bit, p-cpe:/a:novell:opensuse:libmpxwrappers0-32bit-debuginfo, p-cpe:/a:novell:opensuse:libquadmath0-32bit-debuginfo, p-cpe:/a:novell:opensuse:libasan2-32bit, p-cpe:/a:novell:opensuse:libtsan0, p-cpe:/a:novell:opensuse:libgfortran3-32bit-debuginfo, p-cpe:/a:novell:opensuse:libgo7-32bit, p-cpe:/a:novell:opensuse:libmpx0, p-cpe:/a:novell:opensuse:libcilkrts5, p-cpe:/a:novell:opensuse:gcc5-ada-debuginfo, p-cpe:/a:novell:opensuse:libcilkrts5-32bit-debuginfo, p-cpe:/a:novell:opensuse:libubsan0-debuginfo, p-cpe:/a:novell:opensuse:libubsan0-32bit, p-cpe:/a:novell:opensuse:gcc5-go-debuginfo, p-cpe:/a:novell:opensuse:libada5-32bit-debuginfo, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-devel-gcc5-32bit, p-cpe:/a:novell:opensuse:libgo7, p-cpe:/a:novell:opensuse:libmpx0-32bit-debuginfo, p-cpe:/a:novell:opensuse:libgo7-32bit-debuginfo, p-cpe:/a:novell:opensuse:libcilkrts5-debuginfo, p-cpe:/a:novell:opensuse:libgfortran3-32bit, p-cpe:/a:novell:opensuse:gcc5-c%2b%2b-32bit, p-cpe:/a:novell:opensuse:libmpxwrappers0, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-32bit-debuginfo, p-cpe:/a:novell:opensuse:libasan2-32bit-debuginfo, p-cpe:/a:novell:opensuse:libmpxwrappers0-32bit, p-cpe:/a:novell:opensuse:gcc5-debuginfo, p-cpe:/a:novell:opensuse:gcc5-fortran, p-cpe:/a:novell:opensuse:gcc5-fortran-32bit, p-cpe:/a:novell:opensuse:libquadmath0-32bit, p-cpe:/a:novell:opensuse:libffi-gcc5-debugsource, p-cpe:/a:novell:opensuse:gcc5, p-cpe:/a:novell:opensuse:libcilkrts5-32bit, p-cpe:/a:novell:opensuse:gcc5-ada-32bit, p-cpe:/a:novell:opensuse:gcc5-debugsource, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-devel-gcc5, p-cpe:/a:novell:opensuse:libitm1-debuginfo, p-cpe:/a:novell:opensuse:libtsan0-debuginfo, p-cpe:/a:novell:opensuse:libmpx0-debuginfo, p-cpe:/a:novell:opensuse:cpp5-debuginfo, p-cpe:/a:novell:opensuse:libffi4-32bit, p-cpe:/a:novell:opensuse:gcc5-fortran-debuginfo, p-cpe:/a:novell:opensuse:libgfortran3-debuginfo, p-cpe:/a:novell:opensuse:libgfortran3, p-cpe:/a:novell:opensuse:libgcc_s1-32bit, p-cpe:/a:novell:opensuse:gcc5-go, p-cpe:/a:novell:opensuse:libquadmath0, p-cpe:/a:novell:opensuse:libatomic1-32bit-debuginfo, p-cpe:/a:novell:opensuse:libatomic1-debuginfo, p-cpe:/a:novell:opensuse:gcc5-c%2b%2b, p-cpe:/a:novell:opensuse:libffi4-debuginfo, p-cpe:/a:novell:opensuse:libada5-32bit, p-cpe:/a:novell:opensuse:libitm1-32bit-debuginfo, p-cpe:/a:novell:opensuse:libatomic1, cpe:/o:novell:opensuse:42.1, p-cpe:/a:novell:opensuse:libmpxwrappers0-debuginfo, p-cpe:/a:novell:opensuse:libgomp1, p-cpe:/a:novell:opensuse:gcc5-ada, p-cpe:/a:novell:opensuse:libitm1, p-cpe:/a:novell:opensuse:gcc5-info, p-cpe:/a:novell:opensuse:gcc5-32bit-debuginfo, p-cpe:/a:novell:opensuse:gcc5-32bit, p-cpe:/a:novell:opensuse:libffi-devel-gcc5-32bit, p-cpe:/a:novell:opensuse:libubsan0-32bit-debuginfo, p-cpe:/a:novell:opensuse:gcc5-go-32bit, p-cpe:/a:novell:opensuse:libasan2-debuginfo, p-cpe:/a:novell:opensuse:libada5-debuginfo, p-cpe:/a:novell:opensuse:libstdc%2b%2b6-32bit, p-cpe:/a:novell:opensuse:libffi-devel-gcc5, p-cpe:/a:novell:opensuse:gcc5-locale, p-cpe:/a:novell:opensuse:libgcc_s1-debuginfo, p-cpe:/a:novell:opensuse:gcc5-c%2b%2b-debuginfo, p-cpe:/a:novell:opensuse:liblsan0, p-cpe:/a:novell:opensuse:libgcc_s1, p-cpe:/a:novell:opensuse:libquadmath0-debuginfo

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 4/17/2016

Reference Information

CVE: CVE-2015-5276