ALSA-2021:4585

[ALSA-2021:4585] Moderate: gcc-toolset-10-gcc security update

Type:

security

Severity:

moderate

Release date:

2021-11-12

Description:

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

Security Fix(es):

* Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574)

The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters:

This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters.

There are three levels of warning supported by gcc:
"-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.)
"-Wbidirectional=none", which turns the warning off.
"-Wbidirectional=any", which warns about any use of bidirectional characters.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.aarch64.rpm	0282e71c1d44ef34acaf82bdc83dcb20b110fc592c5140345e74b9d13a65b78c
aarch64	gcc-toolset-10-gcc-10.3.1-1.2.el8_5.aarch64.rpm	1bd7804331bb3b6ef53dfc1cefbbd8a56a1cff5cd4a879028e67b4e46c1fbd7c
aarch64	gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.aarch64.rpm	3bbac294f14aa1eff93fc901344bf296e1af6b7c966529f4907a14c35ea564c5
aarch64	gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.aarch64.rpm	3e0d58af6b390871202c2f0f940b64b3651c9f6eb55e8fe7f8170614fdd6608f
aarch64	gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.aarch64.rpm	4281d4d55772b6c17e6b87b53059dde1bb8aae37b08371fb51a43d8962e295b2
aarch64	gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.aarch64.rpm	7a09a571b3a6c2aac0ad7fbb887ede1d3f018dafa8e68114bcbf2f1251346f3d
aarch64	gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.aarch64.rpm	87739c16c963218956c943185939fe76565911188d0ebda1bb5726bcb7945023
aarch64	gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.aarch64.rpm	9138eabb48d7b4ba30e0e2f1321aac14f0e9082f0838cbc2ee20103eb2c032e6
aarch64	gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.aarch64.rpm	9c57673314654a02c96375c07f0ce1b1bf0a66656a11183311c606597ab101a6
aarch64	gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.aarch64.rpm	a9045e80ef7535620d9eebd52b194d46494d3e670b20b2104213090fabfb57d3
aarch64	gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.aarch64.rpm	da87e1d40e7652f1a71cf0266472c0a60f24d9a042d7b7d30398831664ea2ea1
aarch64	gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.aarch64.rpm	e5e658a7c767328b12b091fed8f19c55ac6d5d8a7da67843043e9618cea1d12e
aarch64	gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.aarch64.rpm	f32b98571e82186a59bf7e8661cb67e82d3f21ae2f0bd8bcc5c4afb553f624a3
i686	gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.i686.rpm	2fb2aba085a2ddc75479df4a4df2f718854629dc8b86b8f27a124d610b8f1bcf
i686	gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.i686.rpm	368341ffa8a1cce218bfeb90f2593b4937f8e8decec0153db65ba4d6c1a60c1f
i686	libasan6-10.3.1-1.2.el8_5.i686.rpm	4872ca478ad690c870fe40976f268096d5330a60d201a2c65756f27d2c24fb1b
i686	gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.i686.rpm	4c52b36e9dda56727455de345ef7610bb2d92cc3ab0b0b1b2a577e933fb94c4d
i686	gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.i686.rpm	6c21c169ed4aeeeaf3cd997f07a874a9ee585f5b444cb4ca843152cc19a82220
i686	gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.i686.rpm	aaaec114c30505ab566f74dd8f99aecbb40b28511fd26b959dc51524c0e27116
i686	gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.i686.rpm	f326424064c3fa2ece31e4c1c9139bdd1b502a3ccb895b20ba593cca48b3779f
ppc64le	gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.ppc64le.rpm	0e9efd5e72c1b7b8ecacdbd873d44bde0ddb10a71876b2aaf659cbb1cbae70ec
ppc64le	gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.ppc64le.rpm	14f7258b601fc494b6051f390da9549f6df5214a9d9d6df9154134a83ed357f2
ppc64le	gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.ppc64le.rpm	21078d731ff28b11aa8f0f47c18ba33c540237e3dcbb235c2854b43b9db2cabc
ppc64le	gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.ppc64le.rpm	286bd732ef918c25001cb47270322baa569cda7333b2eadc4a4510f42d3d4a92
ppc64le	gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.ppc64le.rpm	4288befe2f783d640dee0dbad6c6d1704c9c78fa161202cf5b2b3ed29d4908e7
ppc64le	gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.ppc64le.rpm	471ce51548900dcf56ed75f9bf3f94de71a055bfbda3848c3cdb4bfeefec483a
ppc64le	gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.ppc64le.rpm	63b80c2c2d92823d729d348195ff206c789cc4ebd34b72285ec82710a3c7140b
ppc64le	gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.ppc64le.rpm	69ce1d586806957874313f288cfe56a71e1b82e7780328e431ac80a1c55c0ee9
ppc64le	gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.ppc64le.rpm	6f30d1cc086c4c0f4c3a05ce8618afc7ba4d7a01a0cbc57eca1887a9e9016b98
ppc64le	gcc-toolset-10-gcc-10.3.1-1.2.el8_5.ppc64le.rpm	97ca6eaca49f727ee2cd2dab6064494db2a19fa88d10861634070e4a0ecaa9f1
ppc64le	gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.ppc64le.rpm	c369a4b382e2efefddd11dcbb413843ccebf3d8c2d2560a88890bce6d8a32de4
ppc64le	gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm	e22e2f2340f7f2f12a7d32ea5db2bf454a594007a06f451fcb7cf25b7e6ac0b9
ppc64le	gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm	f3e01894ab804ae560719d391d8f714519e25b20d148b01506e4c8313a2d518d
ppc64le	gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.ppc64le.rpm	f876b79a254cecf29f24e70a67b00cf71bd2082378c2ed765ca54816b343a2ef
x86_64	gcc-toolset-10-libubsan-devel-10.3.1-1.2.el8_5.x86_64.rpm	1c8d31f90c3a97b90763668ae9abf837c05778dbfaae449b6424655de14cf800
x86_64	gcc-toolset-10-gcc-gfortran-10.3.1-1.2.el8_5.x86_64.rpm	466a5a06090b791a1d461fa39d74c70a7a677399fef04fdc071635e5cd92bf4e
x86_64	gcc-toolset-10-libstdc++-devel-10.3.1-1.2.el8_5.x86_64.rpm	56661e50d57990180eb19191f87bb375eca28c2c72b0dad34bff6b0e7eb12a67
x86_64	gcc-toolset-10-gcc-10.3.1-1.2.el8_5.x86_64.rpm	602613baa33e09cbe8262bd22bcd5c4bd7b9cdfe582ee73214447b65fc613602
x86_64	gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.x86_64.rpm	624886a881fb6c427e55f233ea7a5b0c10c83f22b45da5304d086ba432ad4f86
x86_64	gcc-toolset-10-libquadmath-devel-10.3.1-1.2.el8_5.x86_64.rpm	6e66b84dbb995a02c4fe0fc1093dd6b8195971b10e6dbd8309d478db3d15716a
x86_64	gcc-toolset-10-liblsan-devel-10.3.1-1.2.el8_5.x86_64.rpm	7828da95c794f6ec0b89932f229183fd2658ad7725e46a5d06c0609460ba702d
x86_64	gcc-toolset-10-libtsan-devel-10.3.1-1.2.el8_5.x86_64.rpm	85e924ee60cbdc1280cb2371d7f37d1ed46fc6e8f3113508376b6867e62de79f
x86_64	gcc-toolset-10-gcc-c++-10.3.1-1.2.el8_5.x86_64.rpm	891f98c3cb429b32621249b9f1ef9d7dd584e011a0aea1446aa7fe8b590e3da8
x86_64	gcc-toolset-10-libstdc++-docs-10.3.1-1.2.el8_5.x86_64.rpm	922e0ce39fd43b8a3819b63a5bf11a61a18c9381d9c7551e3bbf3e7bab53f167
x86_64	libasan6-10.3.1-1.2.el8_5.x86_64.rpm	942c052756f5d5a5f4e5593b9705c20ccee868875777e19cb586a6c2c46b3f75
x86_64	gcc-toolset-10-libasan-devel-10.3.1-1.2.el8_5.x86_64.rpm	96aaf5cdc75e68db3b05ec57ded309dc7281fc8b1a7f943ac632a8cfb3d5f0d5
x86_64	gcc-toolset-10-libitm-devel-10.3.1-1.2.el8_5.x86_64.rpm	afce95329b4bd1e49b94af4ae1840fa1e6969296ab603a0f0aa4fb3dcd28026c
x86_64	gcc-toolset-10-libatomic-devel-10.3.1-1.2.el8_5.x86_64.rpm	d4ce796403fada923c85f7d03795ce947610681743685648fbb1b1872132cb45
x86_64	gcc-toolset-10-gcc-gdb-plugin-10.3.1-1.2.el8_5.x86_64.rpm	fca930bb76cb8221a090b8750f2e951044d157db6677892fbcd8457738fdabab

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.