 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Thu, 17 Feb 2011 15:35:56 -0600 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Low: gcc security and bug fix update
Issue date: 2011-01-13
CVE Names: CVE-2010-0831 CVE-2010-2322
Two directory traversal flaws were found in the way fastjar extracted
JAR archive files. If a local, unsuspecting user extracted a
specially-crafted JAR file, it could cause fastjar to overwrite
arbitrary files writable by the user running fastjar. (CVE-2010-0831,
CVE-2010-2322)
This update also fixes the following bugs:
* The option -print-multi-os-directory in the gcc --help output is not
in the gcc(1) man page. This update applies an upstream patch to amend
this. (BZ#529659)
* An internal assertion in the compiler tried to check that a C++ static
data member is external which resulted in errors. This was because when
the compiler optimizes C++ anonymous namespaces the declarations were no
longer marked external as everything on anonymous namespaces is local to
the current translation. This update corrects the assertion to resolve
this issue. (BZ#503565, BZ#508735, BZ#582682)
* Attempting to compile certain .cpp files could have resulted in an
internal compiler error. This update resolves this issue. (BZ#527510)
* PrintServiceLookup.lookupPrintServices with an appropriate DocFlavor
failed to return a list of printers under gcj. This update includes a
backported patch to correct this bug in the printer lookup service.
(BZ#578382)
* GCC would not build against xulrunner-devel-1.9.2. This update removes
gcjwebplugin from the GCC RPM. (BZ#596097)
* When a SystemTap generated kernel module was compiled, gcc reported an
internal compiler error and gets a segmentation fault. This update
applies a patch that, instead of crashing, assumes it can point to
anything. (BZ#605803)
* There was a performance issue with libstdc++ regarding all objects
derived from or using std::streambuf because of lock contention between
threads. This patch ensures reload uses the same value from _S_global
for the comparison, _M_add_reference () and _M_impl member of the class.
(BZ#635708)
SL 5.x
SRPMS:
gcc-4.1.2-50.el5.src.rpm
i386:
cpp-4.1.2-50.el5.i386.rpm
gcc-4.1.2-50.el5.i386.rpm
gcc-c++-4.1.2-50.el5.i386.rpm
gcc-gfortran-4.1.2-50.el5.i386.rpm
gcc-gnat-4.1.2-50.el5.i386.rpm
gcc-java-4.1.2-50.el5.i386.rpm
gcc-objc-4.1.2-50.el5.i386.rpm
gcc-objc++-4.1.2-50.el5.i386.rpm
libgcc-4.1.2-50.el5.i386.rpm
libgcj-4.1.2-50.el5.i386.rpm
libgcj-devel-4.1.2-50.el5.i386.rpm
libgcj-src-4.1.2-50.el5.i386.rpm
libgfortran-4.1.2-50.el5.i386.rpm
libgnat-4.1.2-50.el5.i386.rpm
libmudflap-4.1.2-50.el5.i386.rpm
libmudflap-devel-4.1.2-50.el5.i386.rpm
libobjc-4.1.2-50.el5.i386.rpm
libstdc++-4.1.2-50.el5.i386.rpm
libstdc++-devel-4.1.2-50.el5.i386.rpm
x86_64:
cpp-4.1.2-50.el5.x86_64.rpm
gcc-4.1.2-50.el5.x86_64.rpm
gcc-c++-4.1.2-50.el5.x86_64.rpm
gcc-gfortran-4.1.2-50.el5.x86_64.rpm
gcc-gnat-4.1.2-50.el5.x86_64.rpm
gcc-java-4.1.2-50.el5.x86_64.rpm
gcc-objc-4.1.2-50.el5.x86_64.rpm
gcc-objc++-4.1.2-50.el5.x86_64.rpm
libgcc-4.1.2-50.el5.i386.rpm
libgcc-4.1.2-50.el5.x86_64.rpm
libgcj-4.1.2-50.el5.i386.rpm
libgcj-4.1.2-50.el5.x86_64.rpm
libgcj-devel-4.1.2-50.el5.i386.rpm
libgcj-devel-4.1.2-50.el5.x86_64.rpm
libgcj-src-4.1.2-50.el5.x86_64.rpm
libgfortran-4.1.2-50.el5.i386.rpm
libgfortran-4.1.2-50.el5.x86_64.rpm
libgnat-4.1.2-50.el5.i386.rpm
libgnat-4.1.2-50.el5.x86_64.rpm
libmudflap-4.1.2-50.el5.i386.rpm
libmudflap-4.1.2-50.el5.x86_64.rpm
libmudflap-devel-4.1.2-50.el5.i386.rpm
libmudflap-devel-4.1.2-50.el5.x86_64.rpm
libobjc-4.1.2-50.el5.i386.rpm
libobjc-4.1.2-50.el5.x86_64.rpm
libstdc++-4.1.2-50.el5.i386.rpm
libstdc++-4.1.2-50.el5.x86_64.rpm
libstdc++-devel-4.1.2-50.el5.i386.rpm
libstdc++-devel-4.1.2-50.el5.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
