Synopsis:          Low: gcc security, bug fix, and enhancement update
Advisory ID:       SLSA-2018:0849-1
Issue Date:        2018-04-10
CVE Numbers:       CVE-2017-11671
--

Security Fix(es):

* gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics
(CVE-2017-11671)

Additional Changes:
--

SL7
  x86_64
    cpp-4.8.5-28.el7.x86_64.rpm
    gcc-4.8.5-28.el7.x86_64.rpm
    gcc-base-debuginfo-4.8.5-28.el7.i686.rpm
    gcc-base-debuginfo-4.8.5-28.el7.x86_64.rpm
    gcc-debuginfo-4.8.5-28.el7.i686.rpm
    gcc-debuginfo-4.8.5-28.el7.x86_64.rpm
    libatomic-4.8.5-28.el7.i686.rpm
    libatomic-4.8.5-28.el7.x86_64.rpm
    libgcc-4.8.5-28.el7.i686.rpm
    libgcc-4.8.5-28.el7.x86_64.rpm
    libgfortran-4.8.5-28.el7.i686.rpm
    libgfortran-4.8.5-28.el7.x86_64.rpm
    libgomp-4.8.5-28.el7.i686.rpm
    libgomp-4.8.5-28.el7.x86_64.rpm
    libitm-4.8.5-28.el7.i686.rpm
    libitm-4.8.5-28.el7.x86_64.rpm
    libquadmath-4.8.5-28.el7.i686.rpm
    libquadmath-4.8.5-28.el7.x86_64.rpm
    libstdc++-4.8.5-28.el7.i686.rpm
    libstdc++-4.8.5-28.el7.x86_64.rpm
    gcc-c++-4.8.5-28.el7.x86_64.rpm
    gcc-gfortran-4.8.5-28.el7.x86_64.rpm
    gcc-gnat-4.8.5-28.el7.x86_64.rpm
    gcc-go-4.8.5-28.el7.x86_64.rpm
    gcc-objc++-4.8.5-28.el7.x86_64.rpm
    gcc-objc-4.8.5-28.el7.x86_64.rpm
    gcc-plugin-devel-4.8.5-28.el7.x86_64.rpm
    libasan-4.8.5-28.el7.i686.rpm
    libasan-4.8.5-28.el7.x86_64.rpm
    libasan-static-4.8.5-28.el7.i686.rpm
    libasan-static-4.8.5-28.el7.x86_64.rpm
    libatomic-static-4.8.5-28.el7.i686.rpm
    libatomic-static-4.8.5-28.el7.x86_64.rpm
    libgfortran-static-4.8.5-28.el7.i686.rpm
    libgfortran-static-4.8.5-28.el7.x86_64.rpm
    libgnat-4.8.5-28.el7.i686.rpm
    libgnat-4.8.5-28.el7.x86_64.rpm
    libgnat-devel-4.8.5-28.el7.i686.rpm
    libgnat-devel-4.8.5-28.el7.x86_64.rpm
    libgnat-static-4.8.5-28.el7.i686.rpm
    libgnat-static-4.8.5-28.el7.x86_64.rpm
    libgo-4.8.5-28.el7.i686.rpm
    libgo-4.8.5-28.el7.x86_64.rpm
    libgo-devel-4.8.5-28.el7.i686.rpm
    libgo-devel-4.8.5-28.el7.x86_64.rpm
    libgo-static-4.8.5-28.el7.i686.rpm
    libgo-static-4.8.5-28.el7.x86_64.rpm
    libitm-devel-4.8.5-28.el7.i686.rpm
    libitm-devel-4.8.5-28.el7.x86_64.rpm
    libitm-static-4.8.5-28.el7.i686.rpm
    libitm-static-4.8.5-28.el7.x86_64.rpm
    libmudflap-4.8.5-28.el7.i686.rpm
    libmudflap-4.8.5-28.el7.x86_64.rpm
    libmudflap-devel-4.8.5-28.el7.i686.rpm
    libmudflap-devel-4.8.5-28.el7.x86_64.rpm
    libmudflap-static-4.8.5-28.el7.i686.rpm
    libmudflap-static-4.8.5-28.el7.x86_64.rpm
    libobjc-4.8.5-28.el7.i686.rpm
    libobjc-4.8.5-28.el7.x86_64.rpm
    libquadmath-devel-4.8.5-28.el7.i686.rpm
    libquadmath-devel-4.8.5-28.el7.x86_64.rpm
    libquadmath-static-4.8.5-28.el7.i686.rpm
    libquadmath-static-4.8.5-28.el7.x86_64.rpm
    libstdc++-devel-4.8.5-28.el7.i686.rpm
    libstdc++-devel-4.8.5-28.el7.x86_64.rpm
    libstdc++-docs-4.8.5-28.el7.x86_64.rpm
    libstdc++-static-4.8.5-28.el7.i686.rpm
    libstdc++-static-4.8.5-28.el7.x86_64.rpm
    libtsan-4.8.5-28.el7.x86_64.rpm
    libtsan-static-4.8.5-28.el7.x86_64.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2018-0849-1 Low: gcc on SL7.x x86_64

gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671) Additional Changes: SL7 x86_64 cpp-4.8.5-28.el7.x86_64.rpm gcc-4.8.5-28.el7.x86_64.rpm gcc-base-debu...

Summary

Low: gcc security, bug fix, and enhancement update



Security Fixes

* gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics (CVE-2017-11671)
Additional Changes:
SL7 x86_64 cpp-4.8.5-28.el7.x86_64.rpm gcc-4.8.5-28.el7.x86_64.rpm gcc-base-debuginfo-4.8.5-28.el7.i686.rpm gcc-base-debuginfo-4.8.5-28.el7.x86_64.rpm gcc-debuginfo-4.8.5-28.el7.i686.rpm gcc-debuginfo-4.8.5-28.el7.x86_64.rpm libatomic-4.8.5-28.el7.i686.rpm libatomic-4.8.5-28.el7.x86_64.rpm libgcc-4.8.5-28.el7.i686.rpm libgcc-4.8.5-28.el7.x86_64.rpm libgfortran-4.8.5-28.el7.i686.rpm libgfortran-4.8.5-28.el7.x86_64.rpm libgomp-4.8.5-28.el7.i686.rpm libgomp-4.8.5-28.el7.x86_64.rpm libitm-4.8.5-28.el7.i686.rpm libitm-4.8.5-28.el7.x86_64.rpm libquadmath-4.8.5-28.el7.i686.rpm libquadmath-4.8.5-28.el7.x86_64.rpm libstdc++-4.8.5-28.el7.i686.rpm libstdc++-4.8.5-28.el7.x86_64.rpm gcc-c++-4.8.5-28.el7.x86_64.rpm gcc-gfortran-4.8.5-28.el7.x86_64.rpm gcc-gnat-4.8.5-28.el7.x86_64.rpm gcc-go-4.8.5-28.el7.x86_64.rpm gcc-objc++-4.8.5-28.el7.x86_64.rpm gcc-objc-4.8.5-28.el7.x86_64.rpm gcc-plugin-devel-4.8.5-28.el7.x86_64.rpm libasan-4.8.5-28.el7.i686.rpm libasan-4.8.5-28.el7.x86_64.rpm libasan-static-4.8.5-28.el7.i686.rpm libasan-static-4.8.5-28.el7.x86_64.rpm libatomic-static-4.8.5-28.el7.i686.rpm libatomic-static-4.8.5-28.el7.x86_64.rpm libgfortran-static-4.8.5-28.el7.i686.rpm libgfortran-static-4.8.5-28.el7.x86_64.rpm libgnat-4.8.5-28.el7.i686.rpm libgnat-4.8.5-28.el7.x86_64.rpm libgnat-devel-4.8.5-28.el7.i686.rpm libgnat-devel-4.8.5-28.el7.x86_64.rpm libgnat-static-4.8.5-28.el7.i686.rpm libgnat-static-4.8.5-28.el7.x86_64.rpm libgo-4.8.5-28.el7.i686.rpm libgo-4.8.5-28.el7.x86_64.rpm libgo-devel-4.8.5-28.el7.i686.rpm libgo-devel-4.8.5-28.el7.x86_64.rpm libgo-static-4.8.5-28.el7.i686.rpm libgo-static-4.8.5-28.el7.x86_64.rpm libitm-devel-4.8.5-28.el7.i686.rpm libitm-devel-4.8.5-28.el7.x86_64.rpm libitm-static-4.8.5-28.el7.i686.rpm libitm-static-4.8.5-28.el7.x86_64.rpm libmudflap-4.8.5-28.el7.i686.rpm libmudflap-4.8.5-28.el7.x86_64.rpm libmudflap-devel-4.8.5-28.el7.i686.rpm libmudflap-devel-4.8.5-28.el7.x86_64.rpm libmudflap-static-4.8.5-28.el7.i686.rpm libmudflap-static-4.8.5-28.el7.x86_64.rpm libobjc-4.8.5-28.el7.i686.rpm libobjc-4.8.5-28.el7.x86_64.rpm libquadmath-devel-4.8.5-28.el7.i686.rpm libquadmath-devel-4.8.5-28.el7.x86_64.rpm libquadmath-static-4.8.5-28.el7.i686.rpm libquadmath-static-4.8.5-28.el7.x86_64.rpm libstdc++-devel-4.8.5-28.el7.i686.rpm libstdc++-devel-4.8.5-28.el7.x86_64.rpm libstdc++-docs-4.8.5-28.el7.x86_64.rpm libstdc++-static-4.8.5-28.el7.i686.rpm libstdc++-static-4.8.5-28.el7.x86_64.rpm libtsan-4.8.5-28.el7.x86_64.rpm libtsan-static-4.8.5-28.el7.x86_64.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2018:0849-1
Issued Date: : 2018-04-10
CVE Numbers: CVE-2017-11671

Related News