ALSA-2021:4743

[ALSA-2021:4743] Moderate: llvm-toolset:rhel8 security update

Type:

security

Severity:

moderate

Release date:

2021-11-21

Description:

LLVM Toolset provides the LLVM compiler infrastructure framework, the Clang compiler for the C and C++ languages, the LLDB debugger, and related tools for code analysis.

Security Fix(es):

* Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574)

The following changes were introduced in clang in order to facilitate detection of BiDi Unicode characters:

clang-tidy now finds identifiers that contain Unicode characters with right-to-left direction, which can be confusing as they may change the understanding of a whole statement.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2021-42574

Updated packages listed below:

Architecture	Package	Checksum
i686	python3-clang-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	07d61c662a16189548d435df39ff16b7e20c2270f9f5f11970d300683f856634
i686	compiler-rt-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	0d409eb4ae68a0549233981a5ead792d8daec0eba47b7b085910f6546af06fa0
i686	lldb-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	1c9240eace50aed31e61c834cff939ce8f32007deecb551a086a5d1d296062cb
i686	llvm-static-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	353956c8aec558ba329f43cbf2ec81fee8b5da619e1559515993b1088b843942
i686	llvm-libs-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	397691b9784ff7e4199f37d6da52a1aa1921f173d4425a9cf35e6062a4a693d6
i686	clang-resource-filesystem-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	3b0bb78ae025e0ceec81d9e6814a6fc064927c12c72e335331b685a4618d1b66
i686	llvm-test-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	3bb0c3863586a27aee3e449f62bfe2b39b15079899d2de0458178f4248e189c7
i686	llvm-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	47fee85416baf9796988ecff8a5019517fb5e2ba4cc9198abd122ee1ea6ce504
i686	clang-tools-extra-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	4bc3893fe149c65ce08bd68d354ed3565058681e0101e19a771b4f0664dff27c
i686	libomp-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	5ff6148d618514f205d87a0d1d5f3a86318d8b743a21e817c60e3cddefb80166
i686	clang-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	75202411604237fbd9705e755fc3428c2012ef3b11369cab8a27af2f836afe44
i686	llvm-googletest-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	7f644b8881076a6cd6ddf3f51e0d631a9c4cbb226491f63fad44a306edc207a2
i686	clang-libs-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	904638a4226fe7605a7f91577cac079dec57abd1b0d894f3b4e6d77ecc1f7381
i686	lld-libs-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	9050c4d22a5837bd555c575d9cbb861cf3508b68779afc93f8e3c5fccf1fd3dd
i686	clang-devel-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	924b9bfb57a7155f3ce4f18000c811d0a7d4e58c6c5993a47a3f1cde1691b695
i686	python3-lldb-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	9d13ba2f223c24e2d35d440f84ec1987258eeac783c9af0312b135a4fd074fc1
i686	llvm-devel-12.0.1-2.module_el8.4.0+2600+cefb5d4c.i686.rpm	9f29e6174e94bf23f0b519ed586b000cfbe95c9b41e571cf80c8c364ab5b56ae
i686	libomp-test-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	a0f776c6a19e310781404c972789b75662601bd9abb7d1537610a932efffea7b
i686	lld-test-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	c0a5f6cc020e2eaff239954c9056d9910841ec95ea3ab7e2ec4e6edc1c0ac7e4
i686	lld-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	c4780568a821db9708fcf0fe6bddb9170e33a58139c62071223231255749ccf3
i686	git-clang-format-12.0.1-4.module_el8.4.0+2600+cefb5d4c.i686.rpm	d012ec34c254bf41ffc697c4e2c0a5d28db3a9acc261cc4b0e15a42b123d2cea
i686	lldb-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	d38031d45ef7d9fde9095b753d87c4d3eb884d8fb393114a4239d16f784a40f2
i686	lld-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	d7ba72ebd3e19dabe9df2d6ff44d4c62acbe33c6277006455687e941b5c35fff
i686	llvm-toolset-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	d963500055f242ee6888756d5f2b4828b4b558cec66960f0820ba88b50318d48
i686	libomp-12.0.1-1.module_el8.4.0+2600+cefb5d4c.i686.rpm	e9499ec7b94962e673138f76e99d90378087c671d7a917b4cc9a3fc1819526a6
noarch	python3-lit-12.0.1-1.module_el8.4.0+2600+cefb5d4c.noarch.rpm	28a4eda054d72b7559ea4c4aa3005706f5c80793e854eb063140acc4eee63be2
noarch	llvm-doc-12.0.1-2.module_el8.4.0+2600+cefb5d4c.noarch.rpm	912ae21b70e88aab4bfc68f7edbc95e9ad42a9d4e0c3545d578558406019dd54
noarch	clang-analyzer-12.0.1-4.module_el8.4.0+2600+cefb5d4c.noarch.rpm	96228bef59483581f270cc8ab27d67d48825fc6c4b00cfcd33451a5adfa4250a
x86_64	libomp-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	01411c679179a9268d881745bac1c86fc66a6768ad9fc0e536c827de86e53ab2
x86_64	lldb-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	01ebbc331956bf55640c723ab86bc7c53920476bf5da1b2c3c08e61c9253cd46
x86_64	llvm-devel-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	03df78ef41d7f10019bd9b913b0eb46c42c1cb72645ab596d52729fed23b38ca
x86_64	lld-libs-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	0c6e3ea3256ed4071068c070899a1de9f504ae55af3444ac0c9e5074818b459a
x86_64	python3-clang-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	0f1aecfcf3805ff3e469fc365165f1d0e1c7ca392144c9e9475099b43740d59d
x86_64	compiler-rt-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	290b67d6a8635b4abb93438ece6a18911ed7dab2b10bf09a868154ee5453a10e
x86_64	libomp-test-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	363d3e443647bcc4fc023623860f0ecab139e46314461b9e3c537e67511985d2
x86_64	python3-lldb-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	380c9eab78a0343a003acdd550c39c93a6a2db759bbe4d26def7884b73f887d9
x86_64	libomp-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	3f120633ee51c0b5e60e65293bc46b12335841a8a3b5317b55d3191626f76922
x86_64	clang-resource-filesystem-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	4c4c36b954bd1e249078c0cc1242f6a44cf6e8feb4e0c918166e60703cdee2ff
x86_64	llvm-googletest-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	59e5aea8a8c94482c4bd99baae9d6d16d5b3736b70b0e1292f5236b7b2b0be53
x86_64	clang-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	5fe679c8547be707703e861626dccd000e866aa580d91f49af3d123b3b36d123
x86_64	llvm-static-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	72f478ed561b1335b2b88799d08665ff4bc52b68868dbea91b01455ad1d65fdd
x86_64	llvm-test-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	762a1051780c4b60a50fa7d9c03e28096c755b38ff14104a10c980548d29da89
x86_64	lld-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	7b603156c34edb06fda50817d9b0a33d28e8294ea6adddf07af6002ca68d8bd6
x86_64	git-clang-format-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	7cdbd52065279973f1620961c2e5ab14601097798363d46d6b3f7b836cbfee47
x86_64	lld-test-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	975d5e0d09e8b528436b68096eaf8474b601de8af25dc90c0c4564007ffaf509
x86_64	clang-libs-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	b8f6482687d798c77533b9572788cc46c60ccd37327c8c2feef582103c58d72d
x86_64	clang-tools-extra-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	c792e3f55e8fbd61401f3ce3b09674b0cfc4091ea56010bd0004d477984173b9
x86_64	clang-devel-12.0.1-4.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	c851b7daa5c2f79d55a5cb993fb1efa8387e532298f164c989ec4ecbe87859d1
x86_64	llvm-libs-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	d239e083f629447b4329966e3bb34e20a11bade63e55db386336d24096a9030b
x86_64	lldb-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	e6b808627192c98258d6465288d55b81570138abfd05a5aa470722d289371279
x86_64	llvm-toolset-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	f3d0cedf978826326de49751daefcde2610ceee42c2a18f0d44d3487c1048629
x86_64	lld-devel-12.0.1-1.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	f4d6681d6cc487d8e4b93a2707ac7f9951ec938338e5832f0ee2f4681264cd71
x86_64	llvm-12.0.1-2.module_el8.4.0+2600+cefb5d4c.x86_64.rpm	f6ce0b86345db053ea861af247fe72601cacc005bd305ebc3f9bea9fba0664da

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.