ELSA-2021-4386

ELSA-2021-4386 - gcc security and bug fix update

Type:SECURITY
Severity:LOW
Release Date:2021-11-16

Description


[8.5.0-3.0.2]
- Fix Orabug 33451471 and backport CTF/BTF enhancements
ctfc: Free CTF container elements in ctfc_delete_container ()
ctf: Do not warn for CTF not supported for GNU GIMPLE
ICE in btf_finalize when compiling with -gbtf (PR debug/102507, Orabug
33451471)
Reviewed-by: Jose E. Marchesi

[8.5.0-3.0.1]
- Merge the following oracle patches to OL8.5 beta:

- Fix an aarch64 compilation error triggered by the oracle patch
gcc9-multiple-changes-align.patch on OL8U5 source base.
gcc-fix-aarch64-tune-params.patch
- Fix Orabug 33281392 Update CTF and BTF support in OL8 GCC
This commit brings the support for CTF/BTF debug formats at par with
upstream. GCC now generates the CTF/BTF debug information by using the
internal DWARF representation.
For backward compatibility reasons, OL8 GCC continues to support -gt
command line option.
(Indu Bhagat 8.4.1-1.0.3)
- Add complex divide improvement
backport of upstream commit 54f0224d55a1b56dde092460ddf76913670e6efc
(Patrick.McGehearty 8.4.1-1.0.2)
- Fix Orabug 32301371 - bug using gcov with preserve paths option
This is the same bug as GCC bug PR gcov-profile/88994
gcc9-pr88994.patch
(Qing Zhao 8.3.1-5.1.0.2)
- Fix generation of CTF type records for completed structs referred
thru pointers.
Orabug 31095790.
(Jose E. Marchesi 8.3.1-5.0.4)
- Fix Orabug 29838827 - provide an option to adjust the maximum depth
of nested #include
This is the same bug as gcc upstream PR90581 from Gcc9:
gcc9-pr90581.patch
- Fix Orabug 29541051 - confusing error message when there is a problem
with ASAN_OPTIONS 'ERROR: expected '=''
This is the same bug as gcc upstream PR89832 from Gcc9:
gcc9-pr89832.patch
(Qing Zhao 8.3.1-5.0.3)
- Update support for CTF
Fix Orabug 30833294 GCC generates incorrect CTF for single element arrays
Fix Orabug 30808764 CTF generation fails when __attribute__ ((mode (XX))) is
used
(Indu Bhagat 8.3.1-5.0.2)
- Apply ares/neoverse support patches only ifarch aarch64.
(Qing Zhao 8.3.1-4.5.0.6)
- Add 4 patches from gcc9 to support Arm Ares and Neoverse-N1 for Aarch64
gcc9-add-vec-reverse.patch
gcc9-multiple-changes-align.patch
gcc9-initial-mcpu-ares-tuning.patch
gcc9-add-support-for-neoverse-n1.patch
(Indu Bhagat 8.3.1-4.5.0.5)
- Update support for CTF
Fix Orabug 30778534 gcc should generate CTF for functions at file-scope only
Fix Orabug 30779193 CTF generation fails for some flavors of vla
Fix Orabug 30784275 Fix issues wtih CTF generation for typedef constructs
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
(Indu Bhagat 8.3.1-4.5.0.4)
- Add support for CTF in GCC
Fix Orabug 30102948 gcc: Add CTF generation to compiler
Fix Orabug 30102949 gcc: Add CTF generation to compiler (aarch64)
ctf-1-new-function-lang_GNU_GIMPLE.patch
ctf-2-command-line-options-gtLEVEL.patch
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
ctf-5-handle-ctf-sections-when-lto-enabled.patch
(Qing Zhao 8.3.1-4.5.0.3)
- CVE-2018-12207 / Intel SKX102
OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207
- Allow -flto -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries
to GNU assembler. Without -lfto, -Wa,-mbranches-within-32B-boundaries to pass
-mbranches-within-32B-boundaries to GNU assembler using existing GCC binaries.
- Mitigation patch:
gcc8-Fix-Wa-with-flto.patch
(Qing Zhao 8.3.1-4.5.0.2)
- Fix Orabug 29968294 - Heap corruption with fprofile-dir=%p prevents
profiling parallel processes, needed for RDBMS:
Add patch to fix PR86057 from Gcc9:
gcc9-pr86057.patch
- Fix Orabug 30044244 - Profile directory concatenated with object file path
This is the same bug as gcc upstream PR91971:
gcc9-pr85759.patch
gcc10-pr91971.patch
(Indu Bhagat 8.3.1-4.5.0.1)
- Fix Orabug 29599147 - Need -fprofile-dir=%q{VAR} backported to gcc8
This is the similar GCC PR47618, add the fix from GCC9:
gcc9-pr47618.patch
- Fix Orabug 29272977 - DB SUPPORT: Need way to dump inlining report from GCC
Add -fopt-info-inline support from GCC9:
gcc9-opt-info-inline.patch
- Fix Orabug 29273006 - DB SUPPORT: need way to turn off inlining of global functions
Add -flive-patching support from GCC9:
gcc9-fipa-reference-addressable.patch
gcc9-fipa-stack-alignment.patch
gcc9-add-fomit-frame-pointer-to-test.patch
gcc9-extend-live-patching-option-handling.patch
gcc9-ipa-stack-alignment-386-test.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.
- Backport 17 ampere patches from
https://git.theobroma-systems.com/ampere-computing/gcc.git/log/?h=gcc-8_2_0-amp3-branch
e18301133ea622f6d6796ded1d15466e70475cf8: Retpoline (Spectre-V2 mitigation) for
aarch64.
d735f3ae4712f66362326d179b4d7e9332c79677: Revert 2017-10-24 Richard Biener
271e2811e59c0c77fc022fa86a7030f20b4cac8e: Correct the maximum shift amount for
shifted
0512749950d927de3dd695f2f2aacdfd30cf32fd: Add CPU support for Ampere Computings
eMAG.
c8b87078f9e0714cb9cab602e12a18ceb12df05a: eMAG/Xgene: Procedural cost-model for
X-Gene
74610471b3577c5d465c3fd095a65b796b1e074c: Updating cost table for xgene1.
ddba1553ac412be5596e6e2962c148032c4cf231: [AArch64] Add Xgene1 prefetch tunings.
b7ebb0a10a8900324074070188a0936ed81b28a4: [AArch64] Fix in xgene1_addrcost_table
393dc5c50d55d069f91627bf0be5bab812978850: X-Gene: Adapt tuning struct for GCC 8.
b9136d58824af2118c4969c3edb42cad3318b08f: tree-ssa-list-find-pipeline:
Add pipelining loads for list finds.
095496dd8a9491a17a9caec173281ad02e559df5: uncse: Added pass to undo common
subexpression elimination.
a7c8dc238e3656e9d2f9256ee76f933c8d7956fb: loop-prefetcher: Adapt defaults for
X-Gene cores.
256307f293f1750851576e14c8a42b696eced2da: tree-ssa-cpp: Dont crash on SSA names
without definition stmts.
6e32f53be4f6733f6bfe267ad2337aecaf4047f6: Introduce new option -funroll-more.
1ac2485a2fced091a5cce6343fe6a6337f850e73: New option to bypass aliasing-checks.
66d7d833bece61e58998ad53a609cd32e3ee4fad: cfgloopmanip: Allow forced creation
of loop preheaders.
c4f89d50e200538b1ac8889801705300e0b27ef2: Add new pass to optimise loops.

[8.5.0-3]
- fix mangling of lambdas in default args (PR c++/91241, #1981822)
- add a few Provides: bundled

[8.5.0-2]
- revert upstream PR85873 gcc-8 fix, apply the fix from gcc-9 (#1960701)
- fix 'this' adjustment for devirtualized call (PR c++/100797, #1965951)

[8.5.0-1]
- update from GCC 8.5 release (#1946758)
- this includes a fix for PR target/87839 (#1958295)


Related CVEs


CVE-2018-20673

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) gcc-8.5.0-3.0.2.el8.src.rpm7a0890216e3fef93130de67029a1a579-
cpp-8.5.0-3.0.2.el8.aarch64.rpm1f09f8cef3f3d1faf1bd203839fdeee2-
gcc-8.5.0-3.0.2.el8.aarch64.rpm071744feb1988c75489600e41ab0ba94-
gcc-c++-8.5.0-3.0.2.el8.aarch64.rpm82658aa8bb6028e9513026372b6b7202-
gcc-gdb-plugin-8.5.0-3.0.2.el8.aarch64.rpma301b9b541bbb38ae6f8406033c12ebe-
gcc-gfortran-8.5.0-3.0.2.el8.aarch64.rpma48b5f1feceb3eb8c5605ee417db563f-
gcc-plugin-devel-8.5.0-3.0.2.el8.aarch64.rpm77c44536789abbe8e6c8edbe21ee8031-
libasan-8.5.0-3.0.2.el8.aarch64.rpmc34499f0a8284ff2f51fe70e1d452106-
libatomic-8.5.0-3.0.2.el8.aarch64.rpme8c60c334351406f947fc32d07a1aa66-
libatomic-static-8.5.0-3.0.2.el8.aarch64.rpm158bec155f6f477513c06e44c0e1313d-
libgcc-8.5.0-3.0.2.el8.aarch64.rpme8f352ee214165a46e4645ac5f9c7154-
libgfortran-8.5.0-3.0.2.el8.aarch64.rpm9bfe8a46d947baf18b40c4f87538c1ec-
libgomp-8.5.0-3.0.2.el8.aarch64.rpmf2684506aa76ac62ea99ec3141ab25a2-
libitm-8.5.0-3.0.2.el8.aarch64.rpm4df0cd62db352edab3b0b382052c20b0-
libitm-devel-8.5.0-3.0.2.el8.aarch64.rpm6ca05af242f8d70fb5e8c5ae63cb4516-
liblsan-8.5.0-3.0.2.el8.aarch64.rpmaaa0a7dc7e38af2cb6ed60ce4fedba10-
libstdc++-8.5.0-3.0.2.el8.aarch64.rpm06d50143c82c60a54d168947e60a461c-
libstdc++-devel-8.5.0-3.0.2.el8.aarch64.rpm836a60bce7a8921d8d16a58468a48372-
libstdc++-docs-8.5.0-3.0.2.el8.aarch64.rpmfd6dee6a012194af47641ea4b5074649-
libstdc++-static-8.5.0-3.0.2.el8.aarch64.rpmc187731babc8157ea5a98cd480c9d8f4-
libtsan-8.5.0-3.0.2.el8.aarch64.rpmaed8a4c0e21e711cd172fac3afcf3a08-
libubsan-8.5.0-3.0.2.el8.aarch64.rpm8a949c5b410c273f346b8ef6cfddbe2a-
Oracle Linux 8 (x86_64) gcc-8.5.0-3.0.2.el8.src.rpm7a0890216e3fef93130de67029a1a579-
cpp-8.5.0-3.0.2.el8.x86_64.rpmee9d5c3a6f90920c781ba513fa109cd7-
gcc-8.5.0-3.0.2.el8.x86_64.rpm59a0e0a5fb047400b8257f21b04f62ec-
gcc-c++-8.5.0-3.0.2.el8.x86_64.rpmee8b3b03320273c1d0cd373c6eb5636f-
gcc-gdb-plugin-8.5.0-3.0.2.el8.i686.rpmd54fcf4e202598f398d5e3aa88723645-
gcc-gdb-plugin-8.5.0-3.0.2.el8.x86_64.rpmc12dc438f950d78a7d07fc5e6d234adb-
gcc-gfortran-8.5.0-3.0.2.el8.x86_64.rpmdc21d32fec5c2ac0831cbcf96c040d2b-
gcc-offload-nvptx-8.5.0-3.0.2.el8.x86_64.rpm1688d6858cf7c9e1d323bbf323ec8805-
gcc-plugin-devel-8.5.0-3.0.2.el8.i686.rpmd52f9fa9d78006f447885a869944c912-
gcc-plugin-devel-8.5.0-3.0.2.el8.x86_64.rpmcc3f7d30b324e6cd53a4bfed0a4fd749-
libasan-8.5.0-3.0.2.el8.i686.rpmf74902869ce05d3cb7338fa5e45c9d12-
libasan-8.5.0-3.0.2.el8.x86_64.rpm976c66f54ab7d331be5822d2b8641dc0-
libatomic-8.5.0-3.0.2.el8.i686.rpm97b764e1d1d4a4078b799f3563f40f01-
libatomic-8.5.0-3.0.2.el8.x86_64.rpmcc6fd90ea5a0a5cc9287f1dd280f514f-
libatomic-static-8.5.0-3.0.2.el8.i686.rpm41741a4592e4f05a5fc8a1655762856f-
libatomic-static-8.5.0-3.0.2.el8.x86_64.rpm879e2fa853bb58c9590058afeff6ec40-
libgcc-8.5.0-3.0.2.el8.i686.rpm3d7264beea2d78853dda5ea5a75877ee-
libgcc-8.5.0-3.0.2.el8.x86_64.rpm3d56967cd3a4bf95ccb75f9803d0f2b5-
libgfortran-8.5.0-3.0.2.el8.i686.rpm56531de346c8b123134b07533070dcf9-
libgfortran-8.5.0-3.0.2.el8.x86_64.rpmb31bcf5f974eff85223097a1419584cd-
libgomp-8.5.0-3.0.2.el8.i686.rpm74b91e49c176e0d81ac211c712808446-
libgomp-8.5.0-3.0.2.el8.x86_64.rpm9cb3a7a7c3e0a33e2f167c605662fcde-
libgomp-offload-nvptx-8.5.0-3.0.2.el8.x86_64.rpmbecfcb381635362e019690a4d3769f9f-
libitm-8.5.0-3.0.2.el8.i686.rpm88462cdf5de5114979f3ea072fe165f7-
libitm-8.5.0-3.0.2.el8.x86_64.rpm1d00131b6e96438d2729846a9d5b6d5d-
libitm-devel-8.5.0-3.0.2.el8.i686.rpmce9bc6638aab68582e3791edae2d0306-
libitm-devel-8.5.0-3.0.2.el8.x86_64.rpmd0095738e412a76cb30b53b64f593b01-
liblsan-8.5.0-3.0.2.el8.x86_64.rpme3a1ce1ec122831f80474a34ae22026e-
libquadmath-8.5.0-3.0.2.el8.i686.rpmc7dcfd1c7f43715987cec717ff7e1b64-
libquadmath-8.5.0-3.0.2.el8.x86_64.rpmd4038790f02bd6506425b912e6bf6c9b-
libquadmath-devel-8.5.0-3.0.2.el8.i686.rpm4b2d456de1d0ee93eba4cef3897d8299-
libquadmath-devel-8.5.0-3.0.2.el8.x86_64.rpmd1e0c66744dc3fca205c3e4b0a2260b0-
libstdc++-8.5.0-3.0.2.el8.i686.rpme1f5bb008393b5301fac121bb793f779-
libstdc++-8.5.0-3.0.2.el8.x86_64.rpm99f906a68e3a642d8cf738b15e47f883-
libstdc++-devel-8.5.0-3.0.2.el8.i686.rpmc1e3b2ce60be5782aa1e1be6583b5f35-
libstdc++-devel-8.5.0-3.0.2.el8.x86_64.rpm171414b76dc3a67db606baa3fe299c39-
libstdc++-docs-8.5.0-3.0.2.el8.x86_64.rpm96ce13daf92d0a5cf3adfee363a7474d-
libstdc++-static-8.5.0-3.0.2.el8.i686.rpm738ae5cf1b438708299c4c8e1a6741f4-
libstdc++-static-8.5.0-3.0.2.el8.x86_64.rpm61be88e5d6ce9f61afdeebb07b3df3b9-
libtsan-8.5.0-3.0.2.el8.x86_64.rpm51f00e92bea5f70aa9d681679127cd1c-
libubsan-8.5.0-3.0.2.el8.i686.rpm812feb64617e7b1b97aabe1270ba554d-
libubsan-8.5.0-3.0.2.el8.x86_64.rpm194adcc1c2974e479bc1562c681f94b2-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete