openSUSE Security Update : gcc5 (openSUSE-2016-472)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The GNU Compiler Collection was updated to version 5.3.1, which brings
several fixes and enhancements.

The following security issue has been fixed :

- Fix C++11 std::random_device short read issue that could
lead to predictable randomness. (CVE-2015-5276,
bsc#945842)

The following non-security issues have been fixed :

- Enable frame pointer for TARGET_64BIT_MS_ABI when stack
is misaligned. Fixes internal compiler error when
building Wine. (bsc#966220)

- Fix a PowerPC specific issue in gcc-go that broke
compilation of newer versions of Docker. (bsc#964468)

- Fix HTM built-ins on PowerPC. (bsc#955382)

- Fix libgo certificate lookup. (bsc#953831)

- Suppress deprecated-declarations warnings for inline
definitions of deprecated virtual methods. (bsc#939460)

- Build s390[x] with '--with-tune=z9-109 --with-arch=z900'
on SLE11 again. (bsc#954002)

- Revert accidental libffi ABI breakage on aarch64.
(bsc#968771)

- On x86_64, set default 32bit code generation to
-march=x86-64 rather than -march=i586.

- Add experimental File System TS library. This update was
imported from the SUSE:SLE-12:Update update project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=939460
https://bugzilla.opensuse.org/show_bug.cgi?id=945842
https://bugzilla.opensuse.org/show_bug.cgi?id=952151
https://bugzilla.opensuse.org/show_bug.cgi?id=953831
https://bugzilla.opensuse.org/show_bug.cgi?id=954002
https://bugzilla.opensuse.org/show_bug.cgi?id=955382
https://bugzilla.opensuse.org/show_bug.cgi?id=962765
https://bugzilla.opensuse.org/show_bug.cgi?id=964468
https://bugzilla.opensuse.org/show_bug.cgi?id=966220
https://bugzilla.opensuse.org/show_bug.cgi?id=968771

Solution :

Update the affected gcc5 packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 90562 ()

Bugtraq ID:

CVE ID: CVE-2015-5276

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now