Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2019:2702-1 Moderate: gcc7 Integer Overflow Fix and More

suse
Calendar Grey October 16, 2019
Dist Suse Esm H88
SUSE Security Update: gcc8 addresses a critical buffer overflow and entropy problem. Learn further about the enhancements in security.
An update that solves two vulnerabilities and has three fixes is now available

Summary

This update for gcc7 to r275405 fixes the following issues: Security issues fixed: - CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649). - CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145). Non-security issue fixed: - Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2702=1

Topics%20covered

Topics Covered

security advisory moderate integer overflow SUSE random number generator gcc cross-reference

References

#1071995 #1141897 #1142649 #1148517 #1149145

Cross- CVE-2019-14250 CVE-2019-15847

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Development Tools 15-SP1

SUSE Linux Enterprise Module for Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15-SP1

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2019-14250.html

https://www.suse.com/security/cve/CVE-2019-15847.html

https://bugzilla.suse.com/1071995

https://bugzilla.suse.com/1141897

https://bugzilla.suse.com/1142649

https://bugzilla.suse.com/1148517

https://bugzilla.suse.com/1149145

Announcement ID: SUSE-SU-2019:2702-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate integer overflow SUSE random number generator gcc cross-reference

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here