ELSA-2020-1864

ELSA-2020-1864 - gcc security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2020-05-05

Description


[8.3.1-5.0.3]
- Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested #include
This is the same bug as gcc upstream PR90581 from Gcc9:
gcc9-pr90581.patch
- Fix Orabug 29541051 - confusing error message when there is a problem
with ASAN_OPTIONS 'ERROR: expected '=''
This is the same bug as gcc upstream PR89832 from Gcc9:
gcc9-pr89832.patch

[8.3.1-5.0.2]
- Update support for CTF
- Fix Orabug 30833294 GCC generates incorrect CTF for single element arrays
- Fix Orabug 30808764 CTF generation fails when __attribute__ ((mode (XX))) is
used

[8.3.1-5.0.1]
- Forward-port Oracle patches from ol8-u1.
- Apply ares/neoverse support patches only ifarch aarch64.
(Qing Zhao 8.3.1-4.5.0.6)
- Add 5 patches from gcc9 to support Arm Ares and Neoverse-N1 for Aarch64
gcc9-add-mtune-support-for-arm-ares.patch
gcc9-add-vec-reverse.patch
gcc9-multiple-changes-align.patch
gcc9-initial-mcpu-ares-tuning.patch
gcc9-add-support-for-neoverse-n1.patch
(Indu Bhagat 8.3.1-4.5.0.5)
- Update support for CTF
- Fix Orabug 30778534 gcc should generate CTF for functions at file-scope only
- Fix Orabug 30779193 CTF generation fails for some flavors of vla
- Fix Orabug 30784275 Fix issues wtih CTF generation for typedef constructs
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
(Indu Bhagat 8.3.1-4.5.0.4)
- Add support for CTF in GCC
- Fix Orabug 30102948 gcc: Add CTF generation to compiler
- Fix Orabug 30102949 gcc: Add CTF generation to compiler (aarch64)
ctf-1-new-function-lang_GNU_GIMPLE.patch
ctf-2-command-line-options-gtLEVEL.patch
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
ctf-5-handle-ctf-sections-when-lto-enabled.patch
(Qing Zhao 8.3.1-4.5.0.3)
- CVE-2018-12207 / Intel SKX102
OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207
- Allow -flto -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries
to GNU assembler. Without -lfto, -Wa,-mbranches-within-32B-boundaries to pass
-mbranches-within-32B-boundaries to GNU assembler using existing GCC binaries.
- Mitigation patch:
gcc8-Fix-Wa-with-flto.patch
(Qing Zhao 8.3.1-4.5.0.2)
- Fix Orabug 29968294 - Heap corruption with fprofile-dir=%p prevents
profiling parallel processes, needed for RDBMS:
Add patch to fix PR86057 from Gcc9:
gcc9-pr86057.patch
- Fix Orabug 30044244 - Profile directory concatenated with object file path
This is the same bug as gcc upstream PR91971:
gcc9-pr85759.patch
gcc10-pr91971.patch
(Indu Bhagat 8.3.1-4.5.0.1)
- Fix Orabug 29599147 - Need -fprofile-dir=%q{VAR} backported to gcc8
This is the similar GCC PR47618, add the fix from GCC9:
gcc9-pr47618.patch
- Fix Orabug 29272977 - DB SUPPORT: Need way to dump inlining report from GCC
Add -fopt-info-inline support from GCC9:
gcc9-opt-info-inline.patch
- Fix Orabug 29273006 - DB SUPPORT: need way to turn off inlining of global functions
Add -flive-patching support from GCC9:
gcc9-fipa-reference-addressable.patch
gcc9-fipa-stack-alignment.patch
gcc9-add-fomit-frame-pointer-to-test.patch
gcc9-extend-live-patching-option-handling.patch
gcc9-ipa-stack-alignment-386-test.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.
- Backport 17 ampere patches from
https://git.theobroma-systems.com/ampere-computing/gcc.git/log/?h=gcc-8_2_0-amp3-branch
e18301133ea622f6d6796ded1d15466e70475cf8: Retpoline (Spectre-V2 mitigation) for
aarch64.
d735f3ae4712f66362326d179b4d7e9332c79677: Revert 2017-10-24 Richard Biener
271e2811e59c0c77fc022fa86a7030f20b4cac8e: Correct the maximum shift amount for
shifted
0512749950d927de3dd695f2f2aacdfd30cf32fd: Add CPU support for Ampere Computings
eMAG.
c8b87078f9e0714cb9cab602e12a18ceb12df05a: eMAG/Xgene: Procedural cost-model for
X-Gene
74610471b3577c5d465c3fd095a65b796b1e074c: Updating cost table for xgene1.
ddba1553ac412be5596e6e2962c148032c4cf231: [AArch64] Add Xgene1 prefetch tunings.
b7ebb0a10a8900324074070188a0936ed81b28a4: [AArch64] Fix in xgene1_addrcost_table
393dc5c50d55d069f91627bf0be5bab812978850: X-Gene: Adapt tuning struct for GCC 8.
b9136d58824af2118c4969c3edb42cad3318b08f: tree-ssa-list-find-pipeline:
Add pipelining loads for list finds.
095496dd8a9491a17a9caec173281ad02e559df5: uncse: Added pass to undo common
subexpression elimination.
a7c8dc238e3656e9d2f9256ee76f933c8d7956fb: loop-prefetcher: Adapt defaults for
X-Gene cores.
256307f293f1750851576e14c8a42b696eced2da: tree-ssa-cpp: Dont crash on SSA names
without definition stmts.
6e32f53be4f6733f6bfe267ad2337aecaf4047f6: Introduce new option -funroll-more.
1ac2485a2fced091a5cce6343fe6a6337f850e73: New option to bypass aliasing-checks.
66d7d833bece61e58998ad53a609cd32e3ee4fad: cfgloopmanip: Allow forced creation
of loop preheaders.
c4f89d50e200538b1ac8889801705300e0b27ef2: Add new pass to optimise loops.
- Reviewed by: Elena Zannoni

[8.3.1-5]
- update from Fedora gcc-8.3.1-5 (#1747157)
- use unspec_volatile for darn (PR target/91481, #1760205, CVE-2019-15847)


Related CVEs


CVE-2019-15847

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) gcc-8.3.1-5.0.3.el8.src.rpmc8a13992d3b042c55174c6d65da348b8-
cpp-8.3.1-5.0.3.el8.aarch64.rpm3fad947011d58e76866e8206bfd8718c-
gcc-8.3.1-5.0.3.el8.aarch64.rpm9f1f5927ecbb0a271e49cd69d229c2b2-
gcc-c++-8.3.1-5.0.3.el8.aarch64.rpm774e54173e444e5ef2cf1cef5520c8ba-
gcc-gdb-plugin-8.3.1-5.0.3.el8.aarch64.rpmcfcd47b72d39331cdcf05a8cba6cca7f-
gcc-gfortran-8.3.1-5.0.3.el8.aarch64.rpm5cea9d5b08525d43764cc6bd46a9fb3b-
gcc-plugin-devel-8.3.1-5.0.3.el8.aarch64.rpmd3a05c650c7565505e4cb8db39794ec7-
libasan-8.3.1-5.0.3.el8.aarch64.rpme471c8321e810cb3852d01f6e5dab945-
libatomic-8.3.1-5.0.3.el8.aarch64.rpm5458f18f8ec9ef2d5bbcc7035cf256ae-
libatomic-static-8.3.1-5.0.3.el8.aarch64.rpme56b390725349124c9b9e9502b5c7898-
libgcc-8.3.1-5.0.3.el8.aarch64.rpm7429d85af11cea8c2e5bc69fc79acf67-
libgfortran-8.3.1-5.0.3.el8.aarch64.rpmae60c27f97cdf525341a571737d1cd89-
libgomp-8.3.1-5.0.3.el8.aarch64.rpm1fd58e6ee3cc4122465ab3d4fda862c9-
libitm-8.3.1-5.0.3.el8.aarch64.rpm67d3bcebf56b364234f0793b1f1df21c-
libitm-devel-8.3.1-5.0.3.el8.aarch64.rpmc8c48eb263dc6a3bc0754436cba7d605-
liblsan-8.3.1-5.0.3.el8.aarch64.rpm0b6cd9fe33ea1ede6d6d0998e5cfd3b3-
libstdc++-8.3.1-5.0.3.el8.aarch64.rpm72c719358bb7daa85647f7d4ae80b5c5-
libstdc++-devel-8.3.1-5.0.3.el8.aarch64.rpmcba0b4f142772b3be1bf61708aaa91a4-
libstdc++-docs-8.3.1-5.0.3.el8.aarch64.rpm5cfa6d0f70961bc372b574ac4451284a-
libstdc++-static-8.3.1-5.0.3.el8.aarch64.rpm386a0d03c6f6fc812bed9d29bcf5c1a6-
libtsan-8.3.1-5.0.3.el8.aarch64.rpmea471bc57cd4d4ddbf9420a59518e716-
libubsan-8.3.1-5.0.3.el8.aarch64.rpm52155fcdb4d8324200524ad8f7e4cf3b-
Oracle Linux 8 (x86_64) gcc-8.3.1-5.0.3.el8.src.rpmc8a13992d3b042c55174c6d65da348b8-
cpp-8.3.1-5.0.3.el8.x86_64.rpm0f8f57b27027bcc0e72727289a4445bb-
gcc-8.3.1-5.0.3.el8.x86_64.rpmc6399a098cfc83b5f409846b4e0329e8-
gcc-c++-8.3.1-5.0.3.el8.x86_64.rpmd90e5bfcb5dc6f8b3086444b39eb405f-
gcc-gdb-plugin-8.3.1-5.0.3.el8.i686.rpma0597625854f253ae87b0094130f0c94-
gcc-gdb-plugin-8.3.1-5.0.3.el8.x86_64.rpmee83e9492f644fe1d32342314ab1a36d-
gcc-gfortran-8.3.1-5.0.3.el8.x86_64.rpm80bebbad57566ba39c0f1e023e4577b2-
gcc-offload-nvptx-8.3.1-5.0.3.el8.x86_64.rpm52e535bd6db80a87b32d62f57fbcab98-
gcc-plugin-devel-8.3.1-5.0.3.el8.i686.rpm9c132c898a8e7d9d9783a576c16f254f-
gcc-plugin-devel-8.3.1-5.0.3.el8.x86_64.rpm143f2855d5ff8b56214dfbe0b59db608-
libasan-8.3.1-5.0.3.el8.i686.rpm66893c40a9771e6a9987777bb251fdd3-
libasan-8.3.1-5.0.3.el8.x86_64.rpm8239c5dcc65e64cbfad0c9ab8dea51a1-
libatomic-8.3.1-5.0.3.el8.i686.rpmc23bc2c4356ff4f48c42bd196607232c-
libatomic-8.3.1-5.0.3.el8.x86_64.rpmd24c7c3cb5d40f9269f0d8658b927502-
libatomic-static-8.3.1-5.0.3.el8.i686.rpmc0a88e8b398dfbb84a68584770ad1b3a-
libatomic-static-8.3.1-5.0.3.el8.x86_64.rpmd847ed28f6c92bb4d121cdf0b801c32e-
libgcc-8.3.1-5.0.3.el8.i686.rpm321c4de48937fd160bdeb592867faf0a-
libgcc-8.3.1-5.0.3.el8.x86_64.rpmbf4a9342b2129bcaa38b5195acb6792a-
libgfortran-8.3.1-5.0.3.el8.i686.rpma7928a17ecd2d9d21916743b7690a0b0-
libgfortran-8.3.1-5.0.3.el8.x86_64.rpmf7b7fa7f10e23ef840f9d19d03090984-
libgomp-8.3.1-5.0.3.el8.i686.rpm53b913c435c1e0b724ee9ff9a376a823-
libgomp-8.3.1-5.0.3.el8.x86_64.rpm9054b851f32b3b2374eb2fbac05de956-
libgomp-offload-nvptx-8.3.1-5.0.3.el8.x86_64.rpmca5c9029e87a9ca2f03e7eacf8a64a20-
libitm-8.3.1-5.0.3.el8.i686.rpm00548834fced83b00ba301827a93ba32-
libitm-8.3.1-5.0.3.el8.x86_64.rpm0d5d790e1d4ff5528609f28944302397-
libitm-devel-8.3.1-5.0.3.el8.i686.rpm3771473854714df2c411aed3fd49e2ef-
libitm-devel-8.3.1-5.0.3.el8.x86_64.rpma781bc8d71062de54ae76f7093f57937-
liblsan-8.3.1-5.0.3.el8.x86_64.rpmf02c48b173cb16700fd74265f7987a68-
libquadmath-8.3.1-5.0.3.el8.i686.rpm367aa1829403890731432840c8bb8dda-
libquadmath-8.3.1-5.0.3.el8.x86_64.rpm1ccdb439c9691c2a6cd78a24029052ca-
libquadmath-devel-8.3.1-5.0.3.el8.i686.rpm93ab76b03075162c9cf45d858c3a10d9-
libquadmath-devel-8.3.1-5.0.3.el8.x86_64.rpm2930f3cef059bc9b6ef1f12c398ed8ba-
libstdc++-8.3.1-5.0.3.el8.i686.rpm6b925b2d11816b6aa74e5551fc97ce7d-
libstdc++-8.3.1-5.0.3.el8.x86_64.rpmb86b72392fe9f37380c5ae34b2623d78-
libstdc++-devel-8.3.1-5.0.3.el8.i686.rpm4a7b7208dc697da3749c3c99580b596c-
libstdc++-devel-8.3.1-5.0.3.el8.x86_64.rpmf302970f3a9c2b15f6c9eb0da635c827-
libstdc++-docs-8.3.1-5.0.3.el8.x86_64.rpmb52d7b9c1c3e33af36ae3d341471d81a-
libstdc++-static-8.3.1-5.0.3.el8.i686.rpm89ff78cf761331044ea6a7d74c50a896-
libstdc++-static-8.3.1-5.0.3.el8.x86_64.rpm7899c6380b0f1ec59c39fd0f0f7b0a7c-
libtsan-8.3.1-5.0.3.el8.x86_64.rpm1e55f8aa3d12a7f370e625dc49284a30-
libubsan-8.3.1-5.0.3.el8.i686.rpmdf5951f32ba0f8c3b0d5159feae079c0-
libubsan-8.3.1-5.0.3.el8.x86_64.rpmdea297adfe9411c700476d9fc1dab105-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete