Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3842 gcc packages security update 11 November 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: gcc gcc-toolset-10-gcc gcc-toolset-11-gcc gcc-toolset-10-binutils gcc-toolset-11-annobin Publisher: Red Hat Operating System: Red Hat Impact/Access: Provide Misleading Information -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-42574 Reference: ESB-2021.3645 ESB-2021.3638 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:4585 https://access.redhat.com/errata/RHSA-2021:4586 https://access.redhat.com/errata/RHSA-2021:4588 https://access.redhat.com/errata/RHSA-2021:4594 https://access.redhat.com/errata/RHSA-2021:4589 https://access.redhat.com/errata/RHSA-2021:4591 https://access.redhat.com/errata/RHSA-2021:4592 https://access.redhat.com/errata/RHSA-2021:4587 Comment: This bulletin contains eight (8) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-10-gcc security update Advisory ID: RHSA-2021:4585-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4585 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-10-gcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: gcc-toolset-10-gcc-10.3.1-1.2.el8_5.src.rpm aarch64: gcc-toolset-10-gcc-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.aarch64.rpm libasan6-10.3.1-1.2.el8_5.aarch64.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm ppc64le: gcc-toolset-10-gcc-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-offload-nvptx-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm libasan6-10.3.1-1.2.el8_5.ppc64le.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm s390x: gcc-toolset-10-gcc-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.s390x.rpm libasan6-10.3.1-1.2.el8_5.s390x.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.s390x.rpm x86_64: gcc-toolset-10-gcc-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-offload-nvptx-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm libasan6-10.3.1-1.2.el8_5.i686.rpm libasan6-10.3.1-1.2.el8_5.x86_64.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.i686.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.aarch64.rpm ppc64le: gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm gcc-toolset-10-offload-nvptx-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.ppc64le.rpm s390x: gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.s390x.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.s390x.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.s390x.rpm x86_64: gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-c++-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-gdb-plugin-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-gfortran-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-gcc-plugin-devel-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.i686.rpm gcc-toolset-10-libgccjit-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm gcc-toolset-10-offload-nvptx-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.i686.rpm libasan6-debuginfo-10.3.1-1.2.el8_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvaQdzjgjWX9erEAQgorA/+LPlM8+UY4XxwMh+vJ319U7KDsPTrYyMV l7hKM+s1KsFDAlnQc62ncK0An6n9z1gCnPjbBdihgO81b2LUNbwGzl6s0iKXj79b 0uWtejXT+ybvRG+BlpCgKGvqBW+UbxmtcXGIKU3/L36PXvjQAG/mMfYtyLjEHaoR ZUBQbrjmJHNXDDWZq0h/SEyUZceIFCK+UPH37yctYGFZOP/TxI5cZFGt1x4P2quU nnbV+R1prayTE55iKQY72iDtXcYcWWqYMNSImd8iJlM5H6s9XkB45029ntGSlimP 4ak1OI2+QOJHShAuMDSMdqVSt9KNBvZj4MSToDLIVgQd2NPI4ZNn4c2xNxJi4TVY gU9mLa85MjRI9zK9v7ar3M0Xi5sAAr0jIXfI82fUtApdS9AxFxw005QP/Rru0B2l IYY/d+gZzd2gkHc8vbjo8Fafju1MdoWNsOIEUOvH3FlnTOXZ4ROYfhsARVQqjzLa mkP0XNX4ZFZO2OHJdQ2NRL0zCPAsf0NLM5hkFy5QdK+uoJIFJWJ4WdSxl4zU6si1 1d+lYDyn47HytolvtALIpkPg8w202pxI267o2UGvmvH+yGwYCasZRrNANAEeYvPQ JYswO+7q7kxBrlzpKLMYYFboBOokW5A6Ns3x7hSoJOygdxvHD1atX3CjoApBiR5e lq4spWt+4ds= =/mHB - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-11-gcc security update Advisory ID: RHSA-2021:4586-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4586 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-11-gcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: gcc-toolset-11-gcc-11.2.1-1.2.el8_5.src.rpm aarch64: gcc-toolset-11-gcc-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-c++-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-c++-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-gdb-plugin-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-gdb-plugin-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-gfortran-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-gfortran-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-plugin-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-gcc-plugin-devel-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libasan-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libatomic-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libgccjit-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libgccjit-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libgccjit-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libgccjit-docs-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libitm-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-liblsan-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libstdc++-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libstdc++-docs-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libtsan-devel-11.2.1-1.2.el8_5.aarch64.rpm gcc-toolset-11-libubsan-devel-11.2.1-1.2.el8_5.aarch64.rpm libasan6-11.2.1-1.2.el8_5.aarch64.rpm libasan6-debuginfo-11.2.1-1.2.el8_5.aarch64.rpm ppc64le: gcc-toolset-11-gcc-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-c++-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-c++-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-gdb-plugin-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-gdb-plugin-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-gfortran-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-gfortran-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-plugin-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-gcc-plugin-devel-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libasan-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libatomic-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libgccjit-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libgccjit-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libgccjit-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libgccjit-docs-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libitm-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-liblsan-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libquadmath-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libstdc++-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libstdc++-docs-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libtsan-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-libubsan-devel-11.2.1-1.2.el8_5.ppc64le.rpm gcc-toolset-11-offload-nvptx-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm libasan6-11.2.1-1.2.el8_5.ppc64le.rpm libasan6-debuginfo-11.2.1-1.2.el8_5.ppc64le.rpm s390x: gcc-toolset-11-gcc-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-c++-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-c++-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-gdb-plugin-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-gdb-plugin-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-gfortran-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-gfortran-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-plugin-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-gcc-plugin-devel-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libasan-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libatomic-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libgccjit-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libgccjit-debuginfo-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libgccjit-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libgccjit-docs-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libitm-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libstdc++-devel-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libstdc++-docs-11.2.1-1.2.el8_5.s390x.rpm gcc-toolset-11-libubsan-devel-11.2.1-1.2.el8_5.s390x.rpm libasan6-11.2.1-1.2.el8_5.s390x.rpm libasan6-debuginfo-11.2.1-1.2.el8_5.s390x.rpm x86_64: gcc-toolset-11-gcc-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-c++-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-c++-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-c++-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-gdb-plugin-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-gdb-plugin-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-gdb-plugin-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-gfortran-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-gfortran-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-gfortran-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-plugin-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-plugin-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-gcc-plugin-devel-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-gcc-plugin-devel-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libasan-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libasan-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libatomic-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libatomic-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libgccjit-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libgccjit-debuginfo-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libgccjit-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libgccjit-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libgccjit-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libgccjit-docs-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libitm-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libitm-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-liblsan-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libquadmath-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libquadmath-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libstdc++-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libstdc++-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libstdc++-docs-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libtsan-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-libubsan-devel-11.2.1-1.2.el8_5.i686.rpm gcc-toolset-11-libubsan-devel-11.2.1-1.2.el8_5.x86_64.rpm gcc-toolset-11-offload-nvptx-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm libasan6-11.2.1-1.2.el8_5.i686.rpm libasan6-11.2.1-1.2.el8_5.x86_64.rpm libasan6-debuginfo-11.2.1-1.2.el8_5.i686.rpm libasan6-debuginfo-11.2.1-1.2.el8_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvaNNzjgjWX9erEAQjk7BAAkzxY3J9vlPeKjN3Q9OW0uTpiQRxBbg7x 5rswHpju/IqPbJWgpXvBphF2IkOghf3CqJ2Qa1X3pJk8c9fhiGLLpmRkEVHBhQtP urjN7AYINcXmD8MU6Dox8XfrA6WrN6eSikg+qP1EadpeA4+M+7qiy6m4BpJCk7CG zdrW9VxIjoHgFGHFWz4E/oLnTW2HCTBeFMIHrrukvbMluryG2r2tAgGEoUZl7Bx+ q8lZ5fQX0RTzTxT+M+r7RLUsi3jUlsZSE910GdGLVSD8j8SRQDMOeUBts6PW7mmr 1+HGyJC5tbX3LP/qbJajY9814nSYOmO3JT3evWHwUzKnYOy9x35PtxT0RYJ2k8rf X6RmnSsntSDwAYOeaCVGUBAqNCoP5RGrL2Y1CT4B3SQwZ4Y3wlTwa/tyHxGNyWz2 cNiYLHzfYmhVspQ2G9tgGjsypLK4UDixxgFclbzGv9eyxS+D1KuU2PSPLRkjlmqy dQGm7dwoCkSuAeYj85nnEZxxEdlVWauhfZe1Dj0M2Z4RdETAyWg3bAe3WrsH+ev0 OThTDQ67h2RARvYDlQUioBUwjOlyeLOGkWAP/p0VvqIgxSu+rMccGbKt9T3lHFGi D8XZxHVz7eJLOkHmmZFG09uSNXBEn2IYBYiE2RWZOL/zEdx93pA1A0GhP/Sq3b5Q FvjTsFg/Fq4= =j6VK - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-10-binutils security update Advisory ID: RHSA-2021:4588-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4588 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-10-binutils is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64 3. Description: The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in binutils in order to facilitate detection of BiDi Unicode characters: Tools which display names or strings (readelf, strings, nm, objdump) have a new command line option --unicode / -U which controls how Unicode characters are handled. Using "--unicode=default" will treat them as normal for the tool. This is the default behaviour when --unicode option is not used. Using "--unicode=locale" will display them according to the current locale. Using "--unicode=hex" will display them as hex byte values. Using "--unicode=escape" will display them as Unicode escape sequences. Using "--unicode=highlight" will display them as Unicode escape sequences highlighted in red, if supported by the output device. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.4): Source: gcc-toolset-10-binutils-2.35-8.el8_4.5.src.rpm aarch64: gcc-toolset-10-binutils-2.35-8.el8_4.5.aarch64.rpm gcc-toolset-10-binutils-debuginfo-2.35-8.el8_4.5.aarch64.rpm gcc-toolset-10-binutils-devel-2.35-8.el8_4.5.aarch64.rpm ppc64le: gcc-toolset-10-binutils-2.35-8.el8_4.5.ppc64le.rpm gcc-toolset-10-binutils-debuginfo-2.35-8.el8_4.5.ppc64le.rpm gcc-toolset-10-binutils-devel-2.35-8.el8_4.5.ppc64le.rpm s390x: gcc-toolset-10-binutils-2.35-8.el8_4.5.s390x.rpm gcc-toolset-10-binutils-debuginfo-2.35-8.el8_4.5.s390x.rpm gcc-toolset-10-binutils-devel-2.35-8.el8_4.5.s390x.rpm x86_64: gcc-toolset-10-binutils-2.35-8.el8_4.5.x86_64.rpm gcc-toolset-10-binutils-debuginfo-2.35-8.el8_4.5.i686.rpm gcc-toolset-10-binutils-debuginfo-2.35-8.el8_4.5.x86_64.rpm gcc-toolset-10-binutils-devel-2.35-8.el8_4.5.i686.rpm gcc-toolset-10-binutils-devel-2.35-8.el8_4.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvZqtzjgjWX9erEAQhoWw/9EVuSFuHlxa3dYEd1kJxsu9aBya2KHWDF SRC4mxt5P3M1XqUfUPRQbVKn9hVx0sXP5E509zJoxNW8VtQY3/Po+na3l8MOPeZM attpmoRJmmzJb8QOegZyshOJy+DpSdgmMUfBPZdKP7+W7U50OvpamBS+barCwNXL IE9R1Nr7FlQGuQ+NyYW7XTvZTbfh7OH9K3v4QOaQJ1DaRJVngOcXvIWtBy77co5C Vc+UZaLQhpa0azPgKW0fqJ7iGIcNg65RE3+kS2Ozki1IWvkeNOzY1rID0o+4jUv9 94z6J6iJPrDOMXAaiyqPSMtK4SGB1uNuTanNgNalykjgtLpQIQYDF8x4S+DHMP51 x5aZXuNKqRowA3svL5PyRPAZ9Bz9p6Y9s8Tw0GjXlpADxwGXwfMY2jg+xAJ1Y2Pu QWT8+rTqzQCCHTdRFp6zMjS4u+WDGcZgqvX075tDRdU1YQvyg6NzlJwof3OxmG3e QXRkAzPIKCa7aOG9A0YEV1r/scv295uUBTo9P3+ou6IBEh8VJOXUN/XV78E3w0TB p99ODbtkNHk8STinNHLF20Gt5KQ3YbGy9SI4WnyxS+fXvf18Xx9D3nGLaGD38e5I FAQww41RhqeX+OeNQJz+QR4nBmUm873M9ZRyYMD3iUVrce2uc5m3+1ZZOeoJFRfB u+Lmu7pXbos= =jcbp - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-11-binutils security update Advisory ID: RHSA-2021:4594-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4594 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-11-binutils is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in binutils in order to facilitate detection of BiDi Unicode characters: Tools which display names or strings (readelf, strings, nm, objdump) have a new command line option --unicode / -U which controls how Unicode characters are handled. Using "--unicode=default" will treat them as normal for the tool. This is the default behaviour when --unicode option is not used. Using "--unicode=locale" will display them according to the current locale. Using "--unicode=hex" will display them as hex byte values. Using "--unicode=escape" will display them as Unicode escape sequences. Using "--unicode=highlight" will display them as Unicode escape sequences highlighted in red, if supported by the output device. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: gcc-toolset-11-binutils-2.36.1-1.el8_5.1.src.rpm aarch64: gcc-toolset-11-binutils-2.36.1-1.el8_5.1.aarch64.rpm gcc-toolset-11-binutils-debuginfo-2.36.1-1.el8_5.1.aarch64.rpm gcc-toolset-11-binutils-devel-2.36.1-1.el8_5.1.aarch64.rpm ppc64le: gcc-toolset-11-binutils-2.36.1-1.el8_5.1.ppc64le.rpm gcc-toolset-11-binutils-debuginfo-2.36.1-1.el8_5.1.ppc64le.rpm gcc-toolset-11-binutils-devel-2.36.1-1.el8_5.1.ppc64le.rpm s390x: gcc-toolset-11-binutils-2.36.1-1.el8_5.1.s390x.rpm gcc-toolset-11-binutils-debuginfo-2.36.1-1.el8_5.1.s390x.rpm gcc-toolset-11-binutils-devel-2.36.1-1.el8_5.1.s390x.rpm x86_64: gcc-toolset-11-binutils-2.36.1-1.el8_5.1.x86_64.rpm gcc-toolset-11-binutils-debuginfo-2.36.1-1.el8_5.1.i686.rpm gcc-toolset-11-binutils-debuginfo-2.36.1-1.el8_5.1.x86_64.rpm gcc-toolset-11-binutils-devel-2.36.1-1.el8_5.1.i686.rpm gcc-toolset-11-binutils-devel-2.36.1-1.el8_5.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvZ5NzjgjWX9erEAQjhrg/+MLr1J38tt+DLdKp0R8PpBCFeP8XbuDv6 KOeB+m62F0NKidXJhbBj1ljvVQN3WFy62WmEI4NxBn2FICp2DlZkleA7Rg0GsK2r G3U6RHj84UPQDKm/DLNvGvEpfWurVgtzklqnN4JbvvhEJr04r3PquCdUkcBxj40Y 0xfVwj+QpWuyjCBtdKMPs1HXZQ4skH2RCEgt8P10+2LPwb4ko8W9C39MSY4ZDtU+ cm3GRUxWNM7punalL8Y7RNJyeHiur4fMhH9ZXaMlAwBhBZvbfp267WqxdlCk7H1r M2uar0rb49vtguVxUcDnUg/2zqNCLWrzl8rb0RiRENUfUcFRXYmby7wkV8nJNJwl XPCjrIklpIDzk93SLVV+85LCTCKIFTo88wgY0TiJiGlETPBfsL++TTBWaU8wu022 3Wn9CP3DpF20jo34Uu67NNkkiNcKegpgv/u21NblOxBWbhJ+4/zQwGz6XTe7DQZq lwWD68Bx6VG12iO/nhutR8Nsi81Bq8xTYl+xf/2V/PBzIs9AODW5+3MXawdR7kUS Eg9SL0HYfqMZagGOjbvSSSj34GRXac9f4tbVY56NK+R+gLe3DNCfCFSvgo3kP57E 0tlTOSw7ptXMTzvB5BRfrt6l6Uk61qCU/IFwQ8mKY5eLU51XaSDXHeeBolP9mK11 OrnA4rxs7X4= =+X89 - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-10-annobin security update Advisory ID: RHSA-2021:4589-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4589 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64 3. Description: Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in annobin in order to facilitate detection of BiDi Unicode characters: This update of annobin adds a new annocheck test to detect the presence of multibyte characters in symbol names. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.4): Source: gcc-toolset-10-annobin-9.29-1.el8_4.1.src.rpm aarch64: gcc-toolset-10-annobin-9.29-1.el8_4.1.aarch64.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_4.1.aarch64.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_4.1.aarch64.rpm ppc64le: gcc-toolset-10-annobin-9.29-1.el8_4.1.ppc64le.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_4.1.ppc64le.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_4.1.ppc64le.rpm s390x: gcc-toolset-10-annobin-9.29-1.el8_4.1.s390x.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_4.1.s390x.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_4.1.s390x.rpm x86_64: gcc-toolset-10-annobin-9.29-1.el8_4.1.x86_64.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_4.1.x86_64.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvaVNzjgjWX9erEAQgbhBAAmZiEgZQhYtZvkH59S1gIFkOr6RsPAwRw 7KIa6vvex9eub5MA4RNAjPqnr9vFeMp8YlU+FOLVBfs7L9crDiNVA4/t5IUrvj4Q ciUcHjv+PU+byxBA3jpwy+mtAsvNDF2fNxBEiMI8m9xNNvcUZk1ik28vwHKPlxB3 UxEkHd6YKXuRfQtYtdbEE/kV5Z53FMewhc6aeDsk5L58VW4s4NAtdQH3FCgnvAr1 11m1QXDhrl5vYDKJK8bLh9YdFqvjy6oqm4uJVB/J5EO+nishFo0o0esndUVsvkNJ 9skyPv6kbYf7nzBMo8nSqyjA/UwT2e068k+t9EL+UnOepah1an0YHCLaQqkn4+FW hL6pUGvwDzgi7UD6LDYhw0U1n7Qv0iEO5yZA/icrrG1QurmF1vfHTWTCmPDCvOfA C1fBUOu2eMPJFvhubGj5VqiZtODDeP7trHmA7rA1bdUkTbJBxAzS60PHC5juPUK6 GukdsnQD/OkcgQRcoxW3JyX/jVpweQZc4JAyzMnQfLOrMWwXyeW1ti/gzd6rC9ac 5rB0R0RroDpm7MqoimssoDT1tjWKFl4BXEgrAPvvKHsfA2NYZ/fTVEAx1Qse51AW 8KAm2CmUfzdTchVLRr6KmjOhDxOR9cEmz0UkjtynQnNdbu0keJCotkC09LCzmiUA q5FToLrAckQ= =aLvz - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-11-annobin security update Advisory ID: RHSA-2021:4591-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4591 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-11-annobin is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in annobin in order to facilitate detection of BiDi Unicode characters: This update of annobin adds a new annocheck test to detect the presence of multibyte characters in symbol names. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm aarch64: gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.aarch64.rpm gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.aarch64.rpm gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.aarch64.rpm gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.aarch64.rpm gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.aarch64.rpm noarch: gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm ppc64le: gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.ppc64le.rpm gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.ppc64le.rpm gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.ppc64le.rpm gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.ppc64le.rpm gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.ppc64le.rpm s390x: gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.s390x.rpm gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.s390x.rpm gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.s390x.rpm gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.s390x.rpm gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.s390x.rpm x86_64: gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvZ9dzjgjWX9erEAQijrg//UGm7YT4F4LvVAESTFUwuR+6+I6wBSfKH vDI8UTUHuGL5bgJe+DPAE4zhEBlYQflsSPctGFf9H9aZV6nTIcKtMFZNREyQIC0n IgfbLp5nsipOuU+be7OOatoKAejiBW7ObmfNZJJ7pKnhen4XvjhR/N6SXa5n8hhF WJDv7MTaxwP7ieQr+NIO4HdNtay79M/TJjGTPtsNAOsa9CG20L+0MeKU9HcyvKUW TyH2Q9WhECqzWmeD3knfddCS9FOZ97PbmdGwS9qz7LkeHOja4MuBc19vdZtBB9t7 qFOdSE/l/ktad0H49Hn/g/ka/7a/go3gmXH5ulkpwe/U/c+lnCDvs3Uve0dn0C6V dpROWbMgZKoyCykOGjgC5e8oPFFLa9znS4J9t1uqdTgyt+G9U1yCUKj/5Buz+uTq Jm0iDUpavJktLGihp6aO/uyKGAsWGcRqWwojr7iyaCbXVudiqNEaPBSeYYi5/XRS hNXoBaKzfSWqlkFmr4CYuEBhNohVmTn369ENXfE5Lsoy0TX/HpHzIOlhyjEKM/Li 5nACYby+kj1jPR0gsUA8PxqykPBJmuZXPGKAH+W8RFD5tDPiDBAKcQRyWkPFpLlJ zMGxR49Mngm7KjDfMfnbMx8p+kE4ziAGzKieceXTrqxCitkuddZ4N6m5QCnaIQaY L5fVVJFJgI0= =+TDG - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc-toolset-10-annobin security update Advisory ID: RHSA-2021:4592-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4592 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in annobin in order to facilitate detection of BiDi Unicode characters: This update of annobin adds a new annocheck test to detect the presence of multibyte characters in symbol names. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: gcc-toolset-10-annobin-9.29-1.el8_5.2.src.rpm aarch64: gcc-toolset-10-annobin-9.29-1.el8_5.2.aarch64.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_5.2.aarch64.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_5.2.aarch64.rpm ppc64le: gcc-toolset-10-annobin-9.29-1.el8_5.2.ppc64le.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_5.2.ppc64le.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_5.2.ppc64le.rpm s390x: gcc-toolset-10-annobin-9.29-1.el8_5.2.s390x.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_5.2.s390x.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_5.2.s390x.rpm x86_64: gcc-toolset-10-annobin-9.29-1.el8_5.2.x86_64.rpm gcc-toolset-10-annobin-annocheck-debuginfo-9.29-1.el8_5.2.x86_64.rpm gcc-toolset-10-annobin-debuginfo-9.29-1.el8_5.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvZ79zjgjWX9erEAQizbxAAnAEGgmTV8go2q4KR/rRm+so1Xvp4iN1T 3bJXzDaLBaxCB8+UWIkZKLUBZ+WXZrfxYs4TjWEYxWq0HFg4Oveyfwb2TdYzD+c2 2QrX6LZmF5xZaM9jlOcxXEoxrakj7x2rr+ZUROX/YyJ7A1p3bkPuNNXM6pnrOhev TttEbDv+OsJ7Pk1Bh+M/JZjKveRbLnnHuG1v/D6sCOYjBZxDwo3vM5Tc060nCGak 0DAhR6NzijQ7a+UNRYow3WY2iW/7j4pXhK08QzRyBalPd3S1XvyKM2kYSKXNRW4W Cpa/8IDqdblnagBk14B8pJFg/UM3uLhyOVtpDIrqExhEDLHzOQC8shhIWe0q9dV6 3MYTxb/D7jXSrDcDkszNfw9QeA2H8d+2m8B5yeez+xZxI69z4SWYwtpFiVZErqIc h73MEnR5Uleo89iALKRBXZFNY07cfAPPNUpY80DD/whM3hfe+EXhtZckztPOttu4 45kIqyvvFP50As6KcGnjqEcjuXretwgekUCmMrKFK8zETRraI31J7303WibWDKuM cnwxk+WKYaCkfbqHYE/Z5EVeL7pKcsuKu5bE8egi1FlJTvJxJWHFUz7LroYZ5HAh 7tPVg37K8lpwqs1OYl/ptwDrdXs6PLJMYMVzlG5f2LYhYqKoel18AY4ood1d4B84 mtOPyOi0fus= =NjSf - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: gcc security update Advisory ID: RHSA-2021:4587-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4587 Issue date: 2021-11-10 CVE Names: CVE-2021-42574 ===================================================================== 1. Summary: An update for gcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: cpp-8.5.0-4.el8_5.aarch64.rpm cpp-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-8.5.0-4.el8_5.aarch64.rpm gcc-c++-8.5.0-4.el8_5.aarch64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debugsource-8.5.0-4.el8_5.aarch64.rpm gcc-gdb-plugin-8.5.0-4.el8_5.aarch64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-gfortran-8.5.0-4.el8_5.aarch64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.aarch64.rpm libasan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libatomic-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgomp-debuginfo-8.5.0-4.el8_5.aarch64.rpm libitm-debuginfo-8.5.0-4.el8_5.aarch64.rpm libitm-devel-8.5.0-4.el8_5.aarch64.rpm liblsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.aarch64.rpm libstdc++-devel-8.5.0-4.el8_5.aarch64.rpm libstdc++-docs-8.5.0-4.el8_5.aarch64.rpm libtsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libubsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm ppc64le: cpp-8.5.0-4.el8_5.ppc64le.rpm cpp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-8.5.0-4.el8_5.ppc64le.rpm gcc-c++-8.5.0-4.el8_5.ppc64le.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debugsource-8.5.0-4.el8_5.ppc64le.rpm gcc-gdb-plugin-8.5.0-4.el8_5.ppc64le.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-gfortran-8.5.0-4.el8_5.ppc64le.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-offload-nvptx-8.5.0-4.el8_5.ppc64le.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libasan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libatomic-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libitm-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libitm-devel-8.5.0-4.el8_5.ppc64le.rpm liblsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libquadmath-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libquadmath-devel-8.5.0-4.el8_5.ppc64le.rpm libstdc++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libstdc++-devel-8.5.0-4.el8_5.ppc64le.rpm libstdc++-docs-8.5.0-4.el8_5.ppc64le.rpm libtsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libubsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm s390x: cpp-8.5.0-4.el8_5.s390x.rpm cpp-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-8.5.0-4.el8_5.s390x.rpm gcc-c++-8.5.0-4.el8_5.s390x.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debugsource-8.5.0-4.el8_5.s390x.rpm gcc-gdb-plugin-8.5.0-4.el8_5.s390x.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-gfortran-8.5.0-4.el8_5.s390x.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.s390x.rpm libasan-debuginfo-8.5.0-4.el8_5.s390x.rpm libatomic-debuginfo-8.5.0-4.el8_5.s390x.rpm libgcc-debuginfo-8.5.0-4.el8_5.s390x.rpm libgfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm libgomp-debuginfo-8.5.0-4.el8_5.s390x.rpm libitm-debuginfo-8.5.0-4.el8_5.s390x.rpm libitm-devel-8.5.0-4.el8_5.s390x.rpm libstdc++-debuginfo-8.5.0-4.el8_5.s390x.rpm libstdc++-devel-8.5.0-4.el8_5.s390x.rpm libstdc++-docs-8.5.0-4.el8_5.s390x.rpm libubsan-debuginfo-8.5.0-4.el8_5.s390x.rpm x86_64: cpp-8.5.0-4.el8_5.x86_64.rpm cpp-debuginfo-8.5.0-4.el8_5.i686.rpm cpp-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-8.5.0-4.el8_5.x86_64.rpm gcc-c++-8.5.0-4.el8_5.x86_64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debugsource-8.5.0-4.el8_5.i686.rpm gcc-debugsource-8.5.0-4.el8_5.x86_64.rpm gcc-gdb-plugin-8.5.0-4.el8_5.i686.rpm gcc-gdb-plugin-8.5.0-4.el8_5.x86_64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-gfortran-8.5.0-4.el8_5.x86_64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-offload-nvptx-8.5.0-4.el8_5.x86_64.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.x86_64.rpm libasan-debuginfo-8.5.0-4.el8_5.i686.rpm libasan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libatomic-debuginfo-8.5.0-4.el8_5.i686.rpm libatomic-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgcc-debuginfo-8.5.0-4.el8_5.i686.rpm libgcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.i686.rpm libgfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-debuginfo-8.5.0-4.el8_5.i686.rpm libgomp-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm libitm-debuginfo-8.5.0-4.el8_5.i686.rpm libitm-debuginfo-8.5.0-4.el8_5.x86_64.rpm libitm-devel-8.5.0-4.el8_5.i686.rpm libitm-devel-8.5.0-4.el8_5.x86_64.rpm liblsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libquadmath-debuginfo-8.5.0-4.el8_5.i686.rpm libquadmath-debuginfo-8.5.0-4.el8_5.x86_64.rpm libquadmath-devel-8.5.0-4.el8_5.i686.rpm libquadmath-devel-8.5.0-4.el8_5.x86_64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.i686.rpm libstdc++-debuginfo-8.5.0-4.el8_5.x86_64.rpm libstdc++-devel-8.5.0-4.el8_5.i686.rpm libstdc++-devel-8.5.0-4.el8_5.x86_64.rpm libstdc++-docs-8.5.0-4.el8_5.x86_64.rpm libtsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libubsan-debuginfo-8.5.0-4.el8_5.i686.rpm libubsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: gcc-8.5.0-4.el8_5.src.rpm aarch64: cpp-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debugsource-8.5.0-4.el8_5.aarch64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.aarch64.rpm libasan-8.5.0-4.el8_5.aarch64.rpm libasan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libatomic-8.5.0-4.el8_5.aarch64.rpm libatomic-debuginfo-8.5.0-4.el8_5.aarch64.rpm libatomic-static-8.5.0-4.el8_5.aarch64.rpm libgcc-8.5.0-4.el8_5.aarch64.rpm libgcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgfortran-8.5.0-4.el8_5.aarch64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgomp-8.5.0-4.el8_5.aarch64.rpm libgomp-debuginfo-8.5.0-4.el8_5.aarch64.rpm libitm-8.5.0-4.el8_5.aarch64.rpm libitm-debuginfo-8.5.0-4.el8_5.aarch64.rpm liblsan-8.5.0-4.el8_5.aarch64.rpm liblsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libstdc++-8.5.0-4.el8_5.aarch64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.aarch64.rpm libtsan-8.5.0-4.el8_5.aarch64.rpm libtsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libubsan-8.5.0-4.el8_5.aarch64.rpm libubsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm ppc64le: cpp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debugsource-8.5.0-4.el8_5.ppc64le.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libasan-8.5.0-4.el8_5.ppc64le.rpm libasan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libatomic-8.5.0-4.el8_5.ppc64le.rpm libatomic-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libatomic-static-8.5.0-4.el8_5.ppc64le.rpm libgcc-8.5.0-4.el8_5.ppc64le.rpm libgcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgfortran-8.5.0-4.el8_5.ppc64le.rpm libgfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-8.5.0-4.el8_5.ppc64le.rpm libgomp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-offload-nvptx-8.5.0-4.el8_5.ppc64le.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libitm-8.5.0-4.el8_5.ppc64le.rpm libitm-debuginfo-8.5.0-4.el8_5.ppc64le.rpm liblsan-8.5.0-4.el8_5.ppc64le.rpm liblsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libquadmath-8.5.0-4.el8_5.ppc64le.rpm libquadmath-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libstdc++-8.5.0-4.el8_5.ppc64le.rpm libstdc++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libtsan-8.5.0-4.el8_5.ppc64le.rpm libtsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libubsan-8.5.0-4.el8_5.ppc64le.rpm libubsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm s390x: cpp-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debugsource-8.5.0-4.el8_5.s390x.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.s390x.rpm libasan-8.5.0-4.el8_5.s390x.rpm libasan-debuginfo-8.5.0-4.el8_5.s390x.rpm libatomic-8.5.0-4.el8_5.s390x.rpm libatomic-debuginfo-8.5.0-4.el8_5.s390x.rpm libatomic-static-8.5.0-4.el8_5.s390x.rpm libgcc-8.5.0-4.el8_5.s390x.rpm libgcc-debuginfo-8.5.0-4.el8_5.s390x.rpm libgfortran-8.5.0-4.el8_5.s390x.rpm libgfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm libgomp-8.5.0-4.el8_5.s390x.rpm libgomp-debuginfo-8.5.0-4.el8_5.s390x.rpm libitm-8.5.0-4.el8_5.s390x.rpm libitm-debuginfo-8.5.0-4.el8_5.s390x.rpm libstdc++-8.5.0-4.el8_5.s390x.rpm libstdc++-debuginfo-8.5.0-4.el8_5.s390x.rpm libubsan-8.5.0-4.el8_5.s390x.rpm libubsan-debuginfo-8.5.0-4.el8_5.s390x.rpm x86_64: cpp-debuginfo-8.5.0-4.el8_5.i686.rpm cpp-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debugsource-8.5.0-4.el8_5.i686.rpm gcc-debugsource-8.5.0-4.el8_5.x86_64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.x86_64.rpm libasan-8.5.0-4.el8_5.i686.rpm libasan-8.5.0-4.el8_5.x86_64.rpm libasan-debuginfo-8.5.0-4.el8_5.i686.rpm libasan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libatomic-8.5.0-4.el8_5.i686.rpm libatomic-8.5.0-4.el8_5.x86_64.rpm libatomic-debuginfo-8.5.0-4.el8_5.i686.rpm libatomic-debuginfo-8.5.0-4.el8_5.x86_64.rpm libatomic-static-8.5.0-4.el8_5.i686.rpm libatomic-static-8.5.0-4.el8_5.x86_64.rpm libgcc-8.5.0-4.el8_5.i686.rpm libgcc-8.5.0-4.el8_5.x86_64.rpm libgcc-debuginfo-8.5.0-4.el8_5.i686.rpm libgcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgfortran-8.5.0-4.el8_5.i686.rpm libgfortran-8.5.0-4.el8_5.x86_64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.i686.rpm libgfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-8.5.0-4.el8_5.i686.rpm libgomp-8.5.0-4.el8_5.x86_64.rpm libgomp-debuginfo-8.5.0-4.el8_5.i686.rpm libgomp-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-offload-nvptx-8.5.0-4.el8_5.x86_64.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm libitm-8.5.0-4.el8_5.i686.rpm libitm-8.5.0-4.el8_5.x86_64.rpm libitm-debuginfo-8.5.0-4.el8_5.i686.rpm libitm-debuginfo-8.5.0-4.el8_5.x86_64.rpm liblsan-8.5.0-4.el8_5.x86_64.rpm liblsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libquadmath-8.5.0-4.el8_5.i686.rpm libquadmath-8.5.0-4.el8_5.x86_64.rpm libquadmath-debuginfo-8.5.0-4.el8_5.i686.rpm libquadmath-debuginfo-8.5.0-4.el8_5.x86_64.rpm libstdc++-8.5.0-4.el8_5.i686.rpm libstdc++-8.5.0-4.el8_5.x86_64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.i686.rpm libstdc++-debuginfo-8.5.0-4.el8_5.x86_64.rpm libtsan-8.5.0-4.el8_5.x86_64.rpm libtsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libubsan-8.5.0-4.el8_5.i686.rpm libubsan-8.5.0-4.el8_5.x86_64.rpm libubsan-debuginfo-8.5.0-4.el8_5.i686.rpm libubsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: cpp-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-debugsource-8.5.0-4.el8_5.aarch64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm gcc-plugin-devel-8.5.0-4.el8_5.aarch64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.aarch64.rpm libasan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libatomic-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgcc-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.aarch64.rpm libgomp-debuginfo-8.5.0-4.el8_5.aarch64.rpm libitm-debuginfo-8.5.0-4.el8_5.aarch64.rpm liblsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.aarch64.rpm libstdc++-static-8.5.0-4.el8_5.aarch64.rpm libtsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm libubsan-debuginfo-8.5.0-4.el8_5.aarch64.rpm ppc64le: cpp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-debugsource-8.5.0-4.el8_5.ppc64le.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm gcc-plugin-devel-8.5.0-4.el8_5.ppc64le.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libasan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libatomic-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgcc-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgfortran-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libitm-debuginfo-8.5.0-4.el8_5.ppc64le.rpm liblsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libquadmath-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libstdc++-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libstdc++-static-8.5.0-4.el8_5.ppc64le.rpm libtsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm libubsan-debuginfo-8.5.0-4.el8_5.ppc64le.rpm s390x: cpp-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-debugsource-8.5.0-4.el8_5.s390x.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm gcc-plugin-devel-8.5.0-4.el8_5.s390x.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.s390x.rpm libasan-debuginfo-8.5.0-4.el8_5.s390x.rpm libatomic-debuginfo-8.5.0-4.el8_5.s390x.rpm libgcc-debuginfo-8.5.0-4.el8_5.s390x.rpm libgfortran-debuginfo-8.5.0-4.el8_5.s390x.rpm libgomp-debuginfo-8.5.0-4.el8_5.s390x.rpm libitm-debuginfo-8.5.0-4.el8_5.s390x.rpm libstdc++-debuginfo-8.5.0-4.el8_5.s390x.rpm libstdc++-static-8.5.0-4.el8_5.s390x.rpm libubsan-debuginfo-8.5.0-4.el8_5.s390x.rpm x86_64: cpp-debuginfo-8.5.0-4.el8_5.i686.rpm cpp-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-c++-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-debugsource-8.5.0-4.el8_5.i686.rpm gcc-debugsource-8.5.0-4.el8_5.x86_64.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gdb-plugin-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-gfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm gcc-plugin-devel-8.5.0-4.el8_5.i686.rpm gcc-plugin-devel-8.5.0-4.el8_5.x86_64.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.i686.rpm gcc-plugin-devel-debuginfo-8.5.0-4.el8_5.x86_64.rpm libasan-debuginfo-8.5.0-4.el8_5.i686.rpm libasan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libatomic-debuginfo-8.5.0-4.el8_5.i686.rpm libatomic-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgcc-debuginfo-8.5.0-4.el8_5.i686.rpm libgcc-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgfortran-debuginfo-8.5.0-4.el8_5.i686.rpm libgfortran-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-debuginfo-8.5.0-4.el8_5.i686.rpm libgomp-debuginfo-8.5.0-4.el8_5.x86_64.rpm libgomp-offload-nvptx-debuginfo-8.5.0-4.el8_5.x86_64.rpm libitm-debuginfo-8.5.0-4.el8_5.i686.rpm libitm-debuginfo-8.5.0-4.el8_5.x86_64.rpm liblsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libquadmath-debuginfo-8.5.0-4.el8_5.i686.rpm libquadmath-debuginfo-8.5.0-4.el8_5.x86_64.rpm libstdc++-debuginfo-8.5.0-4.el8_5.i686.rpm libstdc++-debuginfo-8.5.0-4.el8_5.x86_64.rpm libstdc++-static-8.5.0-4.el8_5.i686.rpm libstdc++-static-8.5.0-4.el8_5.x86_64.rpm libtsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm libubsan-debuginfo-8.5.0-4.el8_5.i686.rpm libubsan-debuginfo-8.5.0-4.el8_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYvaFdzjgjWX9erEAQh+YRAAj2/XugmNChcdQafEqMIrMhV442tbYgty r234wjZlGWvzMSd49Z+HQwnNhyQsMrVa0V7x/17kWgZKYZo7glCXNb1FsQh/HZ4i hL7U0kaZdKO0TfwjXsNokRNPa3G7zBGrLbOvLxWGhttzvaPTZehxw77aXt+/9JaM fXAOAybRUpCZMGGnOyQf2S3P8NLkDL6+v0vl5vJfAwF7neP0UoXG+gyudhIFlPDC UDBsqWeTBqs5TqouWfcuSZPs9BN3Vc4haX6tjBGTpo1gCt5R45OL4IcVLYns7pLk xO872Uzs9NENC/IMGlV3sDRgM7l7zRaRkJ0JQ6kbZBBchrSOw+bUGBARnKIl4UKg dFOQnLZngVAqPUN/P/Sj2nk9DvtD7YIaNfh+yUwZEQ3ZvgvLbVguFlXU5+XwlbE7 IltAEpy5fH2tx4231Y7nM0cZG+pKs0RxFSdLoP86l32ZsJ8zv2A1pQeE8XGLS/F7 EDPd0JkgkF0ek/QalFIaH6KdUdvD43r25rEm1S9EK7LnJeRxKGI3kHMh2k7v+x5z CHy+fgijIC9SC4xIZ0+OiG451vbwC11nW1cModAgqwEiLXRnE7zbm6QgbCIkaeF0 UGHLCqzVoYmdI5Il+Ii4juCab0aPdcE23/S+uLSMT/htod9BLmf7VpGyK0PIX+K4 xBUfuDFRWg0= =FIba - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYYxtEuNLKJtyKPYoAQjwtRAApEu0Km429qdiUikTuqZIDQ5Hva8t0LXo FrNyyeFg4yi3crmtAUvbVzMLrfOTjyB8gU14hpIyLP0IHdW5OH4qYj6NA0BkXQIt Bev3qCNyyMnDDHF5/jP4ITg3uLdKP7IEk9/N8R5TWokSexABID44xoSRa6jbwsz1 LMJ03+Ab2f5DVmuu3K/bmx41NVa+Ks9d/KMIJJm70OCu3GXSuYHU1jGw/CabyaOi 5v48mrkyii92bMFfxNllhu+8vXkPC+XikkSyFDbUlGoI3D8OPkfgd5MxqJQo2G1R tt5raUssnJGI/sspILlRFtpXNxc063sbnrT/NO/85fUvb0A25KzWOQrEhBgkh2UQ hvD7iCYNzKMdr38FyW5zYYkgnsaqDTrw2USZ1cvtIaGibGYqUudQiIfDRXDDNhWY T+6aZzVxS10YliRWDpLikAl/b9+rZOCr8c5DgkxrUGfRHPhK434e0q6BzrBfAOKO pldcgtxvbCiGw+c7B1peX9XqcP6W+MJNJJKzHww6x+7QRVs3tSZVhxW765w9vnl8 acEr7N5ZV+Pd9DQjJv9Bde0RGXLbdRWEqMxy786RAuCZyW8cb2VPz+f507lmnJ6d cygEqfpGCaCJfyWZ9/b3qTDB1BrxXPunWBnLYdcb1GgDfkZiqdZGnq2vQHI9ovWQ gbWVjZG5x2A= =giCB -----END PGP SIGNATURE-----