Security update for gcc7 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:2300-1 Final 1 1 2020-12-20T17:23:02Z current 2020-12-20T17:23:02Z 2020-12-20T17:23:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gcc7 This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue (bsc#1172798) - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel. - Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its default enabling. [jsc#SLE-12209, bsc#1167939] - Fixed 32bit libgnat.so link. [bsc#1178675] - Fixed memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Fixed debug line info for try/catch. [bsc#1178614] - Remove -mbranch-protection=standard (aarch64 flag) when gcc7 is used to build gcc7 (ie when ada is enabled) - Fixed corruption of pass private ->aux via DF. [gcc#94148] - Fixed debug information issue with inlined functions and passed by reference arguments. [gcc#93888] - Fixed binutils release date detection issue. - Fixed register allocation issue with exception handling code on s390x. [bsc#1161913] - Fixed miscompilation of some atomic code on aarch64. [bsc#1150164] This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-2300 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J4EOEHZ7Q27TTGN54YMFIIKDEJ5OS3SI/ E-Mail link for openSUSE-SU-2020:2300-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1150164 SUSE Bug 1150164 https://bugzilla.suse.com/1161913 SUSE Bug 1161913 https://bugzilla.suse.com/1167939 SUSE Bug 1167939 https://bugzilla.suse.com/1172798 SUSE Bug 1172798 https://bugzilla.suse.com/1178577 SUSE Bug 1178577 https://bugzilla.suse.com/1178614 SUSE Bug 1178614 https://bugzilla.suse.com/1178624 SUSE Bug 1178624 https://bugzilla.suse.com/1178675 SUSE Bug 1178675 https://www.suse.com/security/cve/CVE-2020-13844/ SUSE CVE CVE-2020-13844 page openSUSE Leap 15.1 cpp7-7.5.0+r278197-lp151.2.15.1 gcc7-7.5.0+r278197-lp151.2.15.1 gcc7-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-ada-7.5.0+r278197-lp151.2.15.1 gcc7-ada-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-c++-7.5.0+r278197-lp151.2.15.1 gcc7-c++-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-fortran-7.5.0+r278197-lp151.2.15.1 gcc7-fortran-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-go-7.5.0+r278197-lp151.2.15.1 gcc7-go-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-info-7.5.0+r278197-lp151.2.15.1 gcc7-locale-7.5.0+r278197-lp151.2.15.1 gcc7-obj-c++-7.5.0+r278197-lp151.2.15.1 gcc7-obj-c++-32bit-7.5.0+r278197-lp151.2.15.1 gcc7-objc-7.5.0+r278197-lp151.2.15.1 gcc7-objc-32bit-7.5.0+r278197-lp151.2.15.1 libada7-7.5.0+r278197-lp151.2.15.1 libada7-32bit-7.5.0+r278197-lp151.2.15.1 libasan4-7.5.0+r278197-lp151.2.15.1 libasan4-32bit-7.5.0+r278197-lp151.2.15.1 libcilkrts5-7.5.0+r278197-lp151.2.15.1 libcilkrts5-32bit-7.5.0+r278197-lp151.2.15.1 libgfortran4-7.5.0+r278197-lp151.2.15.1 libgfortran4-32bit-7.5.0+r278197-lp151.2.15.1 libgo11-7.5.0+r278197-lp151.2.15.1 libgo11-32bit-7.5.0+r278197-lp151.2.15.1 libstdc++6-devel-gcc7-7.5.0+r278197-lp151.2.15.1 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-lp151.2.15.1 libubsan0-7.5.0+r278197-lp151.2.15.1 libubsan0-32bit-7.5.0+r278197-lp151.2.15.1 cpp7-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-ada-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-ada-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-c++-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-c++-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-fortran-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-fortran-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-go-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-go-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-info-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-locale-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-obj-c++-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-obj-c++-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-objc-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 gcc7-objc-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libada7-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libada7-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libasan4-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libasan4-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libcilkrts5-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libcilkrts5-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libgfortran4-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libgfortran4-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libgo11-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libgo11-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libstdc++6-devel-gcc7-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libubsan0-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 libubsan0-32bit-7.5.0+r278197-lp151.2.15.1 as a component of openSUSE Leap 15.1 Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." CVE-2020-13844 openSUSE Leap 15.1:cpp7-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-ada-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-ada-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-c++-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-c++-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-fortran-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-fortran-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-go-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-go-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-info-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-locale-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-obj-c++-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-objc-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:gcc7-objc-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libada7-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libada7-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libasan4-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libasan4-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libcilkrts5-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libcilkrts5-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libgfortran4-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libgfortran4-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libgo11-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libgo11-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libubsan0-32bit-7.5.0+r278197-lp151.2.15.1 openSUSE Leap 15.1:libubsan0-7.5.0+r278197-lp151.2.15.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J4EOEHZ7Q27TTGN54YMFIIKDEJ5OS3SI/ https://www.suse.com/security/cve/CVE-2020-13844.html CVE-2020-13844 https://bugzilla.suse.com/1172798 SUSE Bug 1172798