[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2021:4039-01 -- Redhat devtoolset-10-gcc, devtoolset-10-libasan-devel, devtoolset-10-libatomic-devel, devtoolset-10-libgccjit, devtoolset-10-libitm-devel, devtoolset-10-liblsan-devel, devtoolset-10-libquadmath-devel, devtoolset-10-libstdc++-devel, devtoolset-10-libstdc++-docs, devtoolset-10-libtsan-devel, devtoolset-10-libubsan-devel, libasan6, liblsan, libtsan, libubsan1

ID: oval:org.secpod.oval:def:506396Date: (C)2021-11-22   (M)2024-06-13
Class: PATCHFamily: unix




The GNU Compiler Collection is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The devtoolset-10-gcc packages provide the Red Hat Developer Toolset 10 version of GCC, as well as related libraries. Security Fix: * Developer environment: Unicode"s bidirectional override characters can cause trojan source attacks The following changes were introduced in binutils in order to facilitate detection of BiDi Unicode characters: This gcc update implements -Wbidirectional=[none|unpaired|any] to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by GCC: and;-Wbidirectional=unpaired and;, which warns about improperly terminated bidi contexts. and;-Wbidirectional=none and;, turns the warning off. and;-Wbidirectional=any and; warns about any use of bidirectional characters. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Platform:
Red Hat Enterprise Linux 7
Product:
devtoolset-10-gcc
devtoolset-10-libasan-devel
devtoolset-10-libatomic-devel
devtoolset-10-libgccjit
devtoolset-10-libitm-devel
devtoolset-10-liblsan-devel
devtoolset-10-libquadmath-devel
devtoolset-10-libstdc++-devel
devtoolset-10-libstdc++-docs
devtoolset-10-libtsan-devel
devtoolset-10-libubsan-devel
libasan6
liblsan
libtsan
libubsan1
Reference:
RHSA-2021:4039-01
CVE-2021-42574
CVE    1
CVE-2021-42574

© SecPod Technologies