RHSA-2021:4587-01 -- Redhat gcc, cpp, libasan, libatomic, libgcc, libgfortran, libgomp, libitm, liblsan, libstdc++, libtsan, libubsan, libquadmathID: oval:org.secpod.oval:def:86348 | Date: (C)2022-12-27 (M)2024-04-17 |
Class: PATCH | Family: unix |
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix: * Developer environment: Unicode"s bidirectional override characters can cause trojan source attacks The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: and;-Wbidirectional=unpairedand;, which warns about improperly terminated BiDi contexts. and;-Wbidirectional=noneand;, which turns the warning off. and;-Wbidirectional=anyand;, which warns about any use of bidirectional characters. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Product: |
gcc |
cpp |
libasan |
libatomic |
libgcc |
libgfortran |
libgomp |
libitm |
liblsan |
libstdc++ |
libtsan |
libubsan |
libquadmath |