Alerts This Week
Warning Icon 1 933
Alerts This Week
Warning Icon 1 933

Red Hat: RHSA-2020-0924 Moderate: Devtoolset-8-GCC Security Update

red hat
Calendar Grey March 23, 2020
Dist Redhat Esm H88
Red Hat released a moderate security update for the devtoolset-8-gcc package, addressing vulnerabilities that could impact system integrity and performance
An update for devtoolset-8-gcc is now available for Red Hat Developer Toolset 8 for Red Hat Enterprise Linux

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

The GNU Compiler Collection (GCC) is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The devtoolset-8-gcc packages provide the Red Hat Developer Toolset version of GCC, as well as related libraries.
Security Fix(es):
* gcc: POWER9 "DARN" RNG intrinsic produces repeated output (CVE-2019-15847)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory security update Red Hat Moderate toolset GCC devtoolset-8

References

https://access.redhat.com/security/cve/CVE-2019-15847 https://access.redhat.com/security/updates/classification#moderate

Package List

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source: devtoolset-8-gcc-8.3.1-3.2.el6.src.rpm
x86_64: devtoolset-8-gcc-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-gcc-c++-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-gcc-debuginfo-8.3.1-3.2.el6.i686.rpm devtoolset-8-gcc-debuginfo-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-gcc-gdb-plugin-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-gcc-gfortran-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-gcc-plugin-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libasan-devel-8.3.1-3.2.el6.i686.rpm devtoolset-8-libasan-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libatomic-devel-8.3.1-3.2.el6.i686.rpm devtoolset-8-libatomic-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libgccjit-8.3.1-3.2.el6.i686.rpm devtoolset-8-libgccjit-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libgccjit-devel-8.3.1-3.2.el6.i686.rpm devtoolset-8-libgccjit-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libgccjit-docs-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libitm-devel-8.3.1-3.2.el6.i686.rpm devtoolset-8-libitm-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-liblsan-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libquadmath-devel-8.3.1-3.2.el6.i686.rpm devtoolset-8-libquadmath-devel-8.3.1-3.2.el6.x86_64.rpm devtoolset-8-libstdc++-devel-8.3.1-3.2.el6.i686.rpm

Read the Full Advisory


Advisory ID: RHSA-2020:0924-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2020:0924
Issue date: 2020-03-23

Topic

An update for devtoolset-8-gcc is now available for Red Hat DeveloperToolset 8 for Red Hat Enterprise Linux.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory security update Red Hat Moderate toolset GCC devtoolset-8

Relevant Releases Architectures

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64, ppc64le, s390x, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Bugs Fixed

1755523 - CVE-2019-15847 gcc: POWER9 "DARN" RNG intrinsic produces repeated output

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here