Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-14250 (GCVE-0-2019-14250)
Vulnerability from cvelistv5 – Published: 2019-07-24 03:30 – Updated: 2024-08-05 00:12
VLAI?
EPSS
Summary
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924 | x_refsource_MISC |
| https://gcc.gnu.org/ml/gcc-patches/2019-07/msg010… | x_refsource_MISC |
| http://www.securityfocus.com/bid/109354 | vdb-entryx_refsource_BID |
| https://security.netapp.com/advisory/ntap-2019082… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://usn.ubuntu.com/4326-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4336-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://security.gentoo.org/glsa/202007-39 | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:12:42.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"name": "109354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"name": "openSUSE-SU-2019:2364",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"name": "openSUSE-SU-2019:2365",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"name": "USN-4326-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"name": "USN-4336-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"name": "openSUSE-SU-2020:0716",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"name": "GLSA-202007-39",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"name": "openSUSE-SU-2020:1790",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"name": "openSUSE-SU-2020:1804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T15:06:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"name": "109354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"name": "openSUSE-SU-2019:2364",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"name": "openSUSE-SU-2019:2365",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"name": "USN-4326-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"name": "USN-4336-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"name": "openSUSE-SU-2020:0716",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"name": "GLSA-202007-39",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"name": "openSUSE-SU-2020:1790",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"name": "openSUSE-SU-2020:1804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924",
"refsource": "MISC",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"name": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html",
"refsource": "MISC",
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"name": "109354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109354"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190822-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"name": "openSUSE-SU-2019:2364",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"name": "openSUSE-SU-2019:2365",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"name": "USN-4326-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"name": "USN-4336-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"name": "openSUSE-SU-2020:0716",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"name": "GLSA-202007-39",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"name": "openSUSE-SU-2020:1790",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"name": "openSUSE-SU-2020:1804",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14250",
"datePublished": "2019-07-24T03:30:30.000Z",
"dateReserved": "2019-07-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:12:42.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-14250",
"date": "2026-05-21",
"epss": "0.00186",
"percentile": "0.40094"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A276274-BE53-4BC8-B3E4-3DF151E5FC7D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils versi\\u00f3n 2.32. simple_object_elf_match in simple-object-elf.c no comprueba un valor shstrndx de cero, lo que lleva a un desbordamiento de enteros y un desbordamiento de b\\u00fafer basado en memoria din\\u00e1mica.\"}]",
"id": "CVE-2019-14250",
"lastModified": "2024-11-21T04:26:17.750",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2019-07-24T04:15:12.143",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/109354\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202007-39\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190822-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://usn.ubuntu.com/4326-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4336-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/109354\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202007-39\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190822-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://usn.ubuntu.com/4326-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4336-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}, {\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-14250\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-07-24T04:15:12.143\",\"lastModified\":\"2024-11-21T04:26:17.750\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils versi\u00f3n 2.32. simple_object_elf_match in simple-object-elf.c no comprueba un valor shstrndx de cero, lo que lleva a un desbordamiento de enteros y un desbordamiento de b\u00fafer basado en memoria din\u00e1mica.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A276274-BE53-4BC8-B3E4-3DF151E5FC7D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/109354\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-39\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190822-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://usn.ubuntu.com/4326-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4336-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/109354\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-39\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190822-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://usn.ubuntu.com/4326-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4336-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2023-07806
Vulnerability from fstec - Published: 18.06.2019
VLAI Severity ?
Title
Уязвимость функции simple_object_elf_match компонента libiberty/simple-object-elf.c программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции simple_object_elf_match компонента libiberty/simple-object-elf.c программного средства разработки GNU Binutils связана с целочисленным переполнением. Эксплуатация уязвимости позволяет нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, АО "НППКТ", GNU General Public License
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Debian GNU/Linux, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), GNU Binutils
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 10 (Debian GNU/Linux), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), до 2.3 (ОСОН ОСнова Оnyx), до 2.33.1 (GNU Binutils)
Possible Mitigations
Для Binutils:
использование рекомендаций производителя: https://gcc.gnu.org/legacy-ml/gcc-patches/2019-07/msg01003.html
Для Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2019-14250
Для ОС Astra Linux:
обновить пакет binutils до 2.36-26.018 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения binutils до версии 2.31.1-16.osnova0u1
Для ОС Astra Linux:
обновить пакет binutils до 2.31.1-16+ci202406211629+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
Для Astra Linux Special Edition 1.6 «Смоленск»::
обновить пакет binutils до 2.28-5+ci202404091650+astra4 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16
Для Astra Linux Special Edition 4.7 для архитектуры ARM:
обновить пакет binutils до 2.31.1-16+ci202407172149+astra14 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
Reference
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
https://gcc.gnu.org/legacy-ml/gcc-patches/2019-07/msg01003.html
https://nvd.nist.gov/vuln/detail/CVE-2019-14250
https://security-tracker.debian.org/tracker/CVE-2019-14250
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.3/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
CWE
CWE-190
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", GNU General Public License",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 10 (Debian GNU/Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u0434\u043e 2.3 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 2.33.1 (GNU Binutils)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Binutils:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://gcc.gnu.org/legacy-ml/gcc-patches/2019-07/msg01003.html\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2019-14250\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 binutils \u0434\u043e 2.36-26.018 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f binutils \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.31.1-16.osnova0u1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 binutils \u0434\u043e 2.31.1-16+ci202406211629+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb::\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 binutils \u0434\u043e 2.28-5+ci202404091650+astra4 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 binutils \u0434\u043e 2.31.1-16+ci202407172149+astra14 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "18.06.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.11.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-07806",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-14250",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Debian GNU/Linux, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), GNU Binutils",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 simple_object_elf_match \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 libiberty/simple-object-elf.c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 GNU Binutils, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0426\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0446\u0438\u043a\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0434\u0432\u0438\u0433 (CWE-190)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 simple_object_elf_match \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 libiberty/simple-object-elf.c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 GNU Binutils \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924\nhttps://gcc.gnu.org/legacy-ml/gcc-patches/2019-07/msg01003.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14250\nhttps://security-tracker.debian.org/tracker/CVE-2019-14250\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.3/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-190",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}
CNVD-2020-20391
Vulnerability from cnvd - Published: 2020-03-31
VLAI Severity ?
Title
GNU Binutils libiberty输入验证错误漏洞
Description
GNU Binutils(GNU Binary Utilities或binutils)是GNU计划的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。libiberty是其中的一个GNU程序使用的子程序的集合。
GNU Binutils 2.32版本中的libiberty存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞导致堆缓冲区溢出,从而可导致拒绝服务。
Severity
中
Patch Name
GNU Binutils libiberty输入验证错误漏洞的补丁
Patch Description
GNU Binutils(GNU Binary Utilities或binutils)是GNU计划的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。libiberty是其中的一个GNU程序使用的子程序的集合。
GNU Binutils 2.32版本中的libiberty存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞导致堆缓冲区溢出,从而可导致拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-14250
Impacted products
| Name | GNU Binutils 2.32 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-14250",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-14250"
}
},
"description": "GNU Binutils\uff08GNU Binary Utilities\u6216binutils\uff09\u662fGNU\u8ba1\u5212\u7684\u5f00\u53d1\u7684\u4e00\u7ec4\u7f16\u7a0b\u8bed\u8a00\u5de5\u5177\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u4e3b\u8981\u7528\u4e8e\u5904\u7406\u591a\u79cd\u683c\u5f0f\u7684\u76ee\u6807\u6587\u4ef6\uff0c\u5e76\u63d0\u4f9b\u6709\u8fde\u63a5\u5668\u3001\u6c47\u7f16\u5668\u548c\u5176\u4ed6\u7528\u4e8e\u76ee\u6807\u6587\u4ef6\u548c\u6863\u6848\u7684\u5de5\u5177\u3002libiberty\u662f\u5176\u4e2d\u7684\u4e00\u4e2aGNU\u7a0b\u5e8f\u4f7f\u7528\u7684\u5b50\u7a0b\u5e8f\u7684\u96c6\u5408\u3002\n\nGNU Binutils 2.32\u7248\u672c\u4e2d\u7684libiberty\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-20391",
"openTime": "2020-03-31",
"patchDescription": "GNU Binutils\uff08GNU Binary Utilities\u6216binutils\uff09\u662fGNU\u8ba1\u5212\u7684\u5f00\u53d1\u7684\u4e00\u7ec4\u7f16\u7a0b\u8bed\u8a00\u5de5\u5177\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u4e3b\u8981\u7528\u4e8e\u5904\u7406\u591a\u79cd\u683c\u5f0f\u7684\u76ee\u6807\u6587\u4ef6\uff0c\u5e76\u63d0\u4f9b\u6709\u8fde\u63a5\u5668\u3001\u6c47\u7f16\u5668\u548c\u5176\u4ed6\u7528\u4e8e\u76ee\u6807\u6587\u4ef6\u548c\u6863\u6848\u7684\u5de5\u5177\u3002libiberty\u662f\u5176\u4e2d\u7684\u4e00\u4e2aGNU\u7a0b\u5e8f\u4f7f\u7528\u7684\u5b50\u7a0b\u5e8f\u7684\u96c6\u5408\u3002\r\n\r\nGNU Binutils 2.32\u7248\u672c\u4e2d\u7684libiberty\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "GNU Binutils libiberty\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "GNU Binutils 2.32"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-14250",
"serverity": "\u4e2d",
"submitTime": "2019-07-24",
"title": "GNU Binutils libiberty\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}
FKIE_CVE-2019-14250
Vulnerability from fkie_nvd - Published: 2019-07-24 04:15 - Updated: 2024-11-21 04:26
Severity ?
Summary
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "8A276274-BE53-4BC8-B3E4-3DF151E5FC7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils versi\u00f3n 2.32. simple_object_elf_match in simple-object-elf.c no comprueba un valor shstrndx de cero, lo que lleva a un desbordamiento de enteros y un desbordamiento de b\u00fafer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2019-14250",
"lastModified": "2024-11-21T04:26:17.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-24T04:15:12.143",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109354"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4336-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-CXC9-2RQ6-PR6H
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2023-03-01 18:30
VLAI?
Details
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2019-14250"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-24T04:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"id": "GHSA-cxc9-2rq6-pr6h",
"modified": "2023-03-01T18:30:57Z",
"published": "2022-05-24T16:51:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14250"
},
{
"type": "WEB",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"type": "WEB",
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190822-0002"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4326-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4336-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/109354"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2019-14250
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-14250",
"description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"id": "GSD-2019-14250",
"references": [
"https://www.suse.com/security/cve/CVE-2019-14250.html",
"https://ubuntu.com/security/CVE-2019-14250",
"https://advisories.mageia.org/CVE-2019-14250.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-14250"
],
"details": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"id": "GSD-2019-14250",
"modified": "2023-12-13T01:23:52.554214Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924",
"refsource": "MISC",
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"name": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html",
"refsource": "MISC",
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"name": "109354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109354"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190822-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"name": "openSUSE-SU-2019:2364",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"name": "openSUSE-SU-2019:2365",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"name": "USN-4326-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"name": "USN-4336-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"name": "openSUSE-SU-2020:0716",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"name": "GLSA-202007-39",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"name": "openSUSE-SU-2020:1790",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
},
{
"name": "openSUSE-SU-2020:1804",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14250"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924"
},
{
"name": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html"
},
{
"name": "109354",
"refsource": "BID",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109354"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190822-0002/",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190822-0002/"
},
{
"name": "openSUSE-SU-2019:2364",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
},
{
"name": "openSUSE-SU-2019:2365",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
},
{
"name": "USN-4326-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4326-1/"
},
{
"name": "USN-4336-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4336-1/"
},
{
"name": "openSUSE-SU-2020:0716",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
},
{
"name": "GLSA-202007-39",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-39"
},
{
"name": "openSUSE-SU-2020:1804",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"
},
{
"name": "openSUSE-SU-2020:1790",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-03-01T18:01Z",
"publishedDate": "2019-07-24T04:15Z"
}
}
}
MSRC_CVE-2019-14250
Vulnerability from csaf_microsoft - Published: 2019-07-02 00:00 - Updated: 2020-08-18 00:00Summary
An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2019/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2019/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2019-14250 An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-14250.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow.",
"tracking": {
"current_release_date": "2020-08-18T00:00:00.000Z",
"generator": {
"date": "2025-10-19T17:44:23.552Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2019-14250",
"initial_release_date": "2019-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2020-08-18T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 binutils 2.32-4",
"product": {
"name": "\u003ccm1 binutils 2.32-4",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 binutils 2.32-4",
"product": {
"name": "cm1 binutils 2.32-4",
"product_id": "17006"
}
}
],
"category": "product_name",
"name": "binutils"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 binutils 2.32-4 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 binutils 2.32-4 as a component of CBL Mariner 1.0",
"product_id": "17006-16820"
},
"product_reference": "17006",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14250",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17006-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-14250 An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-14250.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T00:00:00.000Z",
"details": "2.32-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow."
}
]
}
OPENSUSE-SU-2019:2364-1
Vulnerability from csaf_opensuse - Published: 2019-10-22 14:23 - Updated: 2019-10-22 14:23Summary
Security update for gcc7
Severity
Moderate
Notes
Title of the patch: Security update for gcc7
Description of the patch: This update for gcc7 to r275405 fixes the following issues:
Security issues fixed:
- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).
- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).
Non-security issue fixed:
- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2364
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gcc7",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gcc7 to r275405 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).\n- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).\n\nNon-security issue fixed:\n\n- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2364",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2364-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2364-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3/#3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2364-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3/#3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1141897",
"url": "https://bugzilla.suse.com/1141897"
},
{
"category": "self",
"summary": "SUSE Bug 1142649",
"url": "https://bugzilla.suse.com/1142649"
},
{
"category": "self",
"summary": "SUSE Bug 1148517",
"url": "https://bugzilla.suse.com/1148517"
},
{
"category": "self",
"summary": "SUSE Bug 1149145",
"url": "https://bugzilla.suse.com/1149145"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14250 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15847 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15847/"
}
],
"title": "Security update for gcc7",
"tracking": {
"current_release_date": "2019-10-22T14:23:29Z",
"generator": {
"date": "2019-10-22T14:23:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2364-1",
"initial_release_date": "2019-10-22T14:23:29Z",
"revision_history": [
{
"date": "2019-10-22T14:23:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "cpp7-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-go-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libada7-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libada7-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libada7-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libasan4-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libgfortran4-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libgo11-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libobjc4-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586"
}
},
{
"category": "product_version",
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"product": {
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"product_id": "libubsan0-7.4.1+r275405-lp151.2.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"product": {
"name": "gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"product_id": "gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "cpp7-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libada7-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libasan4-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libgo11-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product": {
"name": "libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"product_id": "libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cpp7-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch"
},
"product_reference": "gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libada7-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586"
},
"product_reference": "libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64"
},
"product_reference": "libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14250"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14250",
"url": "https://www.suse.com/security/cve/CVE-2019-14250"
},
{
"category": "external",
"summary": "SUSE Bug 1142649 for CVE-2019-14250",
"url": "https://bugzilla.suse.com/1142649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-22T14:23:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-14250"
},
{
"cve": "CVE-2019-15847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15847"
}
],
"notes": [
{
"category": "general",
"text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15847",
"url": "https://www.suse.com/security/cve/CVE-2019-15847"
},
{
"category": "external",
"summary": "SUSE Bug 1149145 for CVE-2019-15847",
"url": "https://bugzilla.suse.com/1149145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:cpp7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-ada-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-fortran-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-go-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-info-7.4.1+r275405-lp151.2.6.1.noarch",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-locale-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-obj-c++-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:gcc7-objc-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libada7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libasan4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libcilkrts5-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgfortran4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libgo11-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libobjc4-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libstdc++6-devel-gcc7-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-32bit-7.4.1+r275405-lp151.2.6.1.x86_64",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.i586",
"openSUSE Leap 15.1:libubsan0-7.4.1+r275405-lp151.2.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-22T14:23:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-15847"
}
]
}
OPENSUSE-SU-2019:2365-1
Vulnerability from csaf_opensuse - Published: 2019-10-22 16:20 - Updated: 2019-10-22 16:20Summary
Security update for gcc7
Severity
Moderate
Notes
Title of the patch: Security update for gcc7
Description of the patch: This update for gcc7 to r275405 fixes the following issues:
Security issues fixed:
- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).
- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).
Non-security issue fixed:
- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2365
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gcc7",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gcc7 to r275405 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).\n- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).\n\nNon-security issue fixed:\n\n- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2365",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2365-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2365-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4VKI4VHJED5AYJXOZ6W3RH6OUJ3YSS72/#4VKI4VHJED5AYJXOZ6W3RH6OUJ3YSS72"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2365-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4VKI4VHJED5AYJXOZ6W3RH6OUJ3YSS72/#4VKI4VHJED5AYJXOZ6W3RH6OUJ3YSS72"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1141897",
"url": "https://bugzilla.suse.com/1141897"
},
{
"category": "self",
"summary": "SUSE Bug 1142649",
"url": "https://bugzilla.suse.com/1142649"
},
{
"category": "self",
"summary": "SUSE Bug 1148517",
"url": "https://bugzilla.suse.com/1148517"
},
{
"category": "self",
"summary": "SUSE Bug 1149145",
"url": "https://bugzilla.suse.com/1149145"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14250 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15847 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15847/"
}
],
"title": "Security update for gcc7",
"tracking": {
"current_release_date": "2019-10-22T16:20:44Z",
"generator": {
"date": "2019-10-22T16:20:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2365-1",
"initial_release_date": "2019-10-22T16:20:44Z",
"revision_history": [
{
"date": "2019-10-22T16:20:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cpp7-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "cpp7-7.4.1+r275405-lp150.12.1.i586",
"product_id": "cpp7-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-ada-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-c++-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-fortran-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-go-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-locale-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"product_id": "gcc7-objc-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libada7-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libada7-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libada7-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libasan4-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libasan4-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libasan4-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libcilkrts5-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libgfortran4-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libgo11-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libgo11-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libgo11-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libobjc4-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libobjc4-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libobjc4-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586"
}
},
{
"category": "product_version",
"name": "libubsan0-7.4.1+r275405-lp150.12.1.i586",
"product": {
"name": "libubsan0-7.4.1+r275405-lp150.12.1.i586",
"product_id": "libubsan0-7.4.1+r275405-lp150.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"product": {
"name": "gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"product_id": "gcc7-info-7.4.1+r275405-lp150.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "cpp7-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-go-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libada7-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libada7-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libada7-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libasan4-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libgfortran4-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libgo11-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libobjc4-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan0-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libubsan0-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product": {
"name": "libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"product_id": "libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cpp7-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "cpp7-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cpp7-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-info-7.4.1+r275405-lp150.12.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch"
},
"product_reference": "gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libada7-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libada7-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libasan4-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libgo11-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libobjc4-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-7.4.1+r275405-lp150.12.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586"
},
"product_reference": "libubsan0-7.4.1+r275405-lp150.12.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libubsan0-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64"
},
"product_reference": "libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14250"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14250",
"url": "https://www.suse.com/security/cve/CVE-2019-14250"
},
{
"category": "external",
"summary": "SUSE Bug 1142649 for CVE-2019-14250",
"url": "https://bugzilla.suse.com/1142649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-22T16:20:44Z",
"details": "moderate"
}
],
"title": "CVE-2019-14250"
},
{
"cve": "CVE-2019-15847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15847"
}
],
"notes": [
{
"category": "general",
"text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15847",
"url": "https://www.suse.com/security/cve/CVE-2019-15847"
},
{
"category": "external",
"summary": "SUSE Bug 1149145 for CVE-2019-15847",
"url": "https://bugzilla.suse.com/1149145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:cpp7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-ada-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-fortran-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-go-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-info-7.4.1+r275405-lp150.12.1.noarch",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-locale-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-obj-c++-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:gcc7-objc-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libada7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libasan4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libcilkrts5-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgfortran4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libgo11-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libobjc4-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libstdc++6-devel-gcc7-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-32bit-7.4.1+r275405-lp150.12.1.x86_64",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.i586",
"openSUSE Leap 15.0:libubsan0-7.4.1+r275405-lp150.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-22T16:20:44Z",
"details": "moderate"
}
],
"title": "CVE-2019-15847"
}
]
}
OPENSUSE-SU-2020:0716-1
Vulnerability from csaf_opensuse - Published: 2020-05-26 05:35 - Updated: 2020-05-26 05:35Summary
Security update for gcc9
Severity
Moderate
Notes
Title of the patch: Security update for gcc9
Description of the patch:
This update includes the GNU Compiler Collection 9.
This update ships the GCC 9.3 release.
A full changelog is provided by the GCC team on:
https://www.gnu.org/software/gcc/gcc-9/changes.html
The base system compiler libraries libgcc_s1, libstdc++6 and others are
now built by the gcc 9 packages.
To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 /
CXX=g++-9 during configuration for using it.
Security issues fixed:
- CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)
- CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)
Non-security issues fixed:
- Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)
- Fixed miscompilation for vector shift on s390. (bsc#1141897)
- Includes a fix for Internal compiler error when building HepMC (bsc#1167898)
- Includes fix for binutils version parsing
- Add libstdc++6-pp provides and conflicts to avoid file conflicts
with same minor version of libstdc++6-pp from gcc10.
- Add gcc9 autodetect -g at lto link (bsc#1149995)
- Install go tool buildid for bootstrapping go
Patchnames: openSUSE-2020-716
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gcc9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThis update includes the GNU Compiler Collection 9.\n\nThis update ships the GCC 9.3 release.\n\nA full changelog is provided by the GCC team on:\n\n https://www.gnu.org/software/gcc/gcc-9/changes.html\n\n\nThe base system compiler libraries libgcc_s1, libstdc++6 and others are\nnow built by the gcc 9 packages.\n\nTo use it, install \u0027gcc9\u0027 or \u0027gcc9-c++\u0027 or other compiler brands and use CC=gcc-9 /\nCXX=g++-9 during configuration for using it.\n\n\nSecurity issues fixed:\n\n- CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)\n- CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)\n\nNon-security issues fixed:\n\n- Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)\n- Fixed miscompilation for vector shift on s390. (bsc#1141897)\n- Includes a fix for Internal compiler error when building HepMC (bsc#1167898)\n- Includes fix for binutils version parsing\n- Add libstdc++6-pp provides and conflicts to avoid file conflicts\n with same minor version of libstdc++6-pp from gcc10.\n- Add gcc9 autodetect -g at lto link (bsc#1149995)\n- Install go tool buildid for bootstrapping go\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-716",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0716-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0716-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JTCFGW443IEBOK3ANCBHXSSTATRWPNXY/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0716-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JTCFGW443IEBOK3ANCBHXSSTATRWPNXY/"
},
{
"category": "self",
"summary": "SUSE Bug 1114592",
"url": "https://bugzilla.suse.com/1114592"
},
{
"category": "self",
"summary": "SUSE Bug 1135254",
"url": "https://bugzilla.suse.com/1135254"
},
{
"category": "self",
"summary": "SUSE Bug 1141897",
"url": "https://bugzilla.suse.com/1141897"
},
{
"category": "self",
"summary": "SUSE Bug 1142649",
"url": "https://bugzilla.suse.com/1142649"
},
{
"category": "self",
"summary": "SUSE Bug 1142654",
"url": "https://bugzilla.suse.com/1142654"
},
{
"category": "self",
"summary": "SUSE Bug 1148517",
"url": "https://bugzilla.suse.com/1148517"
},
{
"category": "self",
"summary": "SUSE Bug 1149145",
"url": "https://bugzilla.suse.com/1149145"
},
{
"category": "self",
"summary": "SUSE Bug 1149995",
"url": "https://bugzilla.suse.com/1149995"
},
{
"category": "self",
"summary": "SUSE Bug 1152590",
"url": "https://bugzilla.suse.com/1152590"
},
{
"category": "self",
"summary": "SUSE Bug 1167898",
"url": "https://bugzilla.suse.com/1167898"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14250 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15847 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15847/"
}
],
"title": "Security update for gcc9",
"tracking": {
"current_release_date": "2020-05-26T05:35:19Z",
"generator": {
"date": "2020-05-26T05:35:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0716-1",
"initial_release_date": "2020-05-26T05:35:19Z",
"revision_history": [
{
"date": "2020-05-26T05:35:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"product": {
"name": "gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"product_id": "gcc9-info-9.3.1+git1296-lp151.2.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "cpp9-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"product": {
"name": "cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"product_id": "cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"product": {
"name": "cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"product_id": "cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-go-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libada9-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libada9-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libada9-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libasan5-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libatomic1-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgfortran5-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgo14-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgomp1-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libitm1-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "liblsan0-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libquadmath0-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libtsan0-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan1-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libubsan1-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product": {
"name": "libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"product_id": "libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cpp9-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64"
},
"product_reference": "cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64"
},
"product_reference": "cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-go-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-info-9.3.1+git1296-lp151.2.2.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch"
},
"product_reference": "gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada9-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libada9-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan5-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libatomic1-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran5-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo14-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgomp1-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libitm1-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblsan0-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libquadmath0-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtsan0-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan1-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libubsan1-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64"
},
"product_reference": "libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14250"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14250",
"url": "https://www.suse.com/security/cve/CVE-2019-14250"
},
{
"category": "external",
"summary": "SUSE Bug 1142649 for CVE-2019-14250",
"url": "https://bugzilla.suse.com/1142649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-05-26T05:35:19Z",
"details": "moderate"
}
],
"title": "CVE-2019-14250"
},
{
"cve": "CVE-2019-15847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15847"
}
],
"notes": [
{
"category": "general",
"text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15847",
"url": "https://www.suse.com/security/cve/CVE-2019-15847"
},
{
"category": "external",
"summary": "SUSE Bug 1149145 for CVE-2019-15847",
"url": "https://bugzilla.suse.com/1149145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:cpp9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:cross-nvptx-gcc9-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:cross-nvptx-newlib9-devel-9.3.1+git1296-lp151.2.1.x86_64",
"openSUSE Leap 15.1:gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-ada-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-c++-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-fortran-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-go-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:gcc9-info-9.3.1+git1296-lp151.2.2.noarch",
"openSUSE Leap 15.1:gcc9-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libada9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libasan5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libatomic1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgcc_s1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgfortran5-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgo14-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libgomp1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libitm1-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:liblsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libquadmath0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-devel-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-locale-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libstdc++6-pp-gcc9-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libtsan0-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-32bit-9.3.1+git1296-lp151.2.2.x86_64",
"openSUSE Leap 15.1:libubsan1-9.3.1+git1296-lp151.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-05-26T05:35:19Z",
"details": "moderate"
}
],
"title": "CVE-2019-15847"
}
]
}
OPENSUSE-SU-2020:1790-1
Vulnerability from csaf_opensuse - Published: 2020-10-31 13:22 - Updated: 2020-10-31 13:22Summary
Security update for binutils
Severity
Moderate
Notes
Title of the patch: Security update for binutils
Description of the patch: This update for binutils fixes the following issues:
binutils was updated to version 2.35. (jsc#ECO-2373)
Update to binutils 2.35:
* The assembler can now produce DWARF-5 format line number tables.
* Readelf now has a 'lint' mode to enable extra checks of the files it is processing.
* Readelf will now display '[...]' when it has to truncate a symbol name.
The old behaviour - of displaying as many characters as possible, up to
the 80 column limit - can be restored by the use of the --silent-truncation
option.
* The linker can now produce a dependency file listing the inputs that it
has processed, much like the -M -MP option supported by the compiler.
- fix DT_NEEDED order with -flto [bsc#1163744]
Update to binutils 2.34:
* The disassembler (objdump --disassemble) now has an option to
generate ascii art thats show the arcs between that start and end
points of control flow instructions.
* The binutils tools now have support for debuginfod. Debuginfod is a
HTTP service for distributing ELF/DWARF debugging information as
well as source code. The tools can now connect to debuginfod
servers in order to download debug information about the files that
they are processing.
* The assembler and linker now support the generation of ELF format
files for the Z80 architecture.
- Add new subpackages for libctf and libctf-nobfd.
- Disable LTO due to bsc#1163333.
- Includes fixes for these CVEs:
bsc#1153768 aka CVE-2019-17451 aka PR25070
bsc#1153770 aka CVE-2019-17450 aka PR25078
- fix various build fails on aarch64 (PR25210, bsc#1157755).
Update to binutils 2.33.1:
* Adds support for the Arm Scalable Vector Extension version 2
(SVE2) instructions, the Arm Transactional Memory Extension (TME)
instructions and the Armv8.1-M Mainline and M-profile Vector
Extension (MVE) instructions.
* Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P
processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,
Cortex-A76AE, and Cortex-A77 processors.
* Adds a .float16 directive for both Arm and AArch64 to allow
encoding of 16-bit floating point literals.
* For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)
Loongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no]
configure time option to set the default behavior. Set the default
if the configure option is not used to 'no'.
* The Cortex-A53 Erratum 843419 workaround now supports a choice of
which workaround to use. The option --fix-cortex-a53-843419 now
takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp]
which can be used to force a particular workaround to be used.
See --help for AArch64 for more details.
* Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and
GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties
in the AArch64 ELF linker.
* Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI
on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI
on inputs and use PLTs protected with BTI.
* Add -z pac-plt for AArch64 to pick PAC enabled PLTs.
* Add --source-comment[=<txt>] option to objdump which if present,
provides a prefix to source code lines displayed in a disassembly.
* Add --set-section-alignment <section-name>=<power-of-2-align>
option to objcopy to allow the changing of section alignments.
* Add --verilog-data-width option to objcopy for verilog targets to
control width of data elements in verilog hex format.
* The separate debug info file options of readelf (--debug-dump=links
and --debug-dump=follow) and objdump (--dwarf=links and
--dwarf=follow-links) will now display and/or follow multiple
links if more than one are present in a file. (This usually
happens when gcc's -gsplit-dwarf option is used).
In addition objdump's --dwarf=follow-links now also affects its
other display options, so that for example, when combined with
--syms it will cause the symbol tables in any linked debug info
files to also be displayed. In addition when combined with
--disassemble the --dwarf= follow-links option will ensure that
any symbol tables in the linked files are read and used when
disassembling code in the main file.
* Add support for dumping types encoded in the Compact Type Format
to objdump and readelf.
- Includes fixes for these CVEs:
bsc#1126826 aka CVE-2019-9077 aka PR1126826
bsc#1126829 aka CVE-2019-9075 aka PR1126829
bsc#1126831 aka CVE-2019-9074 aka PR24235
bsc#1140126 aka CVE-2019-12972 aka PR23405
bsc#1143609 aka CVE-2019-14444 aka PR24829
bsc#1142649 aka CVE-2019-14250 aka PR90924
* Add xBPF target
* Fix various problems with DWARF 5 support in gas
* fix nm -B for objects compiled with -flto and -fcommon.
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames: openSUSE-2020-1790
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.2 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
43 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for binutils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for binutils fixes the following issues:\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35:\n\n* The assembler can now produce DWARF-5 format line number tables.\n* Readelf now has a \u0027lint\u0027 mode to enable extra checks of the files it is processing.\n* Readelf will now display \u0027[...]\u0027 when it has to truncate a symbol name. \n The old behaviour - of displaying as many characters as possible, up to\n the 80 column limit - can be restored by the use of the --silent-truncation\n option.\n* The linker can now produce a dependency file listing the inputs that it\n has processed, much like the -M -MP option supported by the compiler.\n\n- fix DT_NEEDED order with -flto [bsc#1163744]\n\n\nUpdate to binutils 2.34:\n\n* The disassembler (objdump --disassemble) now has an option to\n generate ascii art thats show the arcs between that start and end\n points of control flow instructions.\n* The binutils tools now have support for debuginfod. Debuginfod is a \n HTTP service for distributing ELF/DWARF debugging information as\n well as source code. The tools can now connect to debuginfod\n servers in order to download debug information about the files that\n they are processing.\n* The assembler and linker now support the generation of ELF format\n files for the Z80 architecture.\n\n- Add new subpackages for libctf and libctf-nobfd.\n- Disable LTO due to bsc#1163333.\n- Includes fixes for these CVEs:\n bsc#1153768 aka CVE-2019-17451 aka PR25070\n bsc#1153770 aka CVE-2019-17450 aka PR25078\n\n- fix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1:\n\n* Adds support for the Arm Scalable Vector Extension version 2\n (SVE2) instructions, the Arm Transactional Memory Extension (TME)\n instructions and the Armv8.1-M Mainline and M-profile Vector\n Extension (MVE) instructions.\n* Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P\n processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,\n Cortex-A76AE, and Cortex-A77 processors.\n* Adds a .float16 directive for both Arm and AArch64 to allow\n encoding of 16-bit floating point literals.\n* For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)\n Loongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no]\n configure time option to set the default behavior. Set the default\n if the configure option is not used to \u0027no\u0027.\n* The Cortex-A53 Erratum 843419 workaround now supports a choice of\n which workaround to use. The option --fix-cortex-a53-843419 now\n takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp]\n which can be used to force a particular workaround to be used.\n See --help for AArch64 for more details.\n* Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\n GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties\n in the AArch64 ELF linker. \n* Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI\n on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI \n on inputs and use PLTs protected with BTI.\n* Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n* Add --source-comment[=\u003ctxt\u003e] option to objdump which if present,\n provides a prefix to source code lines displayed in a disassembly.\n* Add --set-section-alignment \u003csection-name\u003e=\u003cpower-of-2-align\u003e\n option to objcopy to allow the changing of section alignments.\n* Add --verilog-data-width option to objcopy for verilog targets to\n control width of data elements in verilog hex format.\n* The separate debug info file options of readelf (--debug-dump=links\n and --debug-dump=follow) and objdump (--dwarf=links and\n --dwarf=follow-links) will now display and/or follow multiple\n links if more than one are present in a file. (This usually\n happens when gcc\u0027s -gsplit-dwarf option is used).\n In addition objdump\u0027s --dwarf=follow-links now also affects its\n other display options, so that for example, when combined with\n --syms it will cause the symbol tables in any linked debug info\n files to also be displayed. In addition when combined with\n --disassemble the --dwarf= follow-links option will ensure that\n any symbol tables in the linked files are read and used when\n disassembling code in the main file.\n* Add support for dumping types encoded in the Compact Type Format\n to objdump and readelf.\n- Includes fixes for these CVEs:\n bsc#1126826 aka CVE-2019-9077 aka PR1126826\n bsc#1126829 aka CVE-2019-9075 aka PR1126829\n bsc#1126831 aka CVE-2019-9074 aka PR24235\n bsc#1140126 aka CVE-2019-12972 aka PR23405\n bsc#1143609 aka CVE-2019-14444 aka PR24829\n bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n* Add xBPF target\n* Fix various problems with DWARF 5 support in gas\n* fix nm -B for objects compiled with -flto and -fcommon.\n\n \nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1790",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1790-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1790-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AYODXTIQHTHANYSEI73JBXTPH244JTOU/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1790-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AYODXTIQHTHANYSEI73JBXTPH244JTOU/"
},
{
"category": "self",
"summary": "SUSE Bug 1126826",
"url": "https://bugzilla.suse.com/1126826"
},
{
"category": "self",
"summary": "SUSE Bug 1126829",
"url": "https://bugzilla.suse.com/1126829"
},
{
"category": "self",
"summary": "SUSE Bug 1126831",
"url": "https://bugzilla.suse.com/1126831"
},
{
"category": "self",
"summary": "SUSE Bug 1140126",
"url": "https://bugzilla.suse.com/1140126"
},
{
"category": "self",
"summary": "SUSE Bug 1142649",
"url": "https://bugzilla.suse.com/1142649"
},
{
"category": "self",
"summary": "SUSE Bug 1143609",
"url": "https://bugzilla.suse.com/1143609"
},
{
"category": "self",
"summary": "SUSE Bug 1153768",
"url": "https://bugzilla.suse.com/1153768"
},
{
"category": "self",
"summary": "SUSE Bug 1153770",
"url": "https://bugzilla.suse.com/1153770"
},
{
"category": "self",
"summary": "SUSE Bug 1157755",
"url": "https://bugzilla.suse.com/1157755"
},
{
"category": "self",
"summary": "SUSE Bug 1160254",
"url": "https://bugzilla.suse.com/1160254"
},
{
"category": "self",
"summary": "SUSE Bug 1160590",
"url": "https://bugzilla.suse.com/1160590"
},
{
"category": "self",
"summary": "SUSE Bug 1163333",
"url": "https://bugzilla.suse.com/1163333"
},
{
"category": "self",
"summary": "SUSE Bug 1163744",
"url": "https://bugzilla.suse.com/1163744"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12972 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14250 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14444 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17450 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17451 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9074 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9075 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9077 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9077/"
}
],
"title": "Security update for binutils",
"tracking": {
"current_release_date": "2020-10-31T13:22:55Z",
"generator": {
"date": "2020-10-31T13:22:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1790-1",
"initial_release_date": "2020-10-31T13:22:55Z",
"revision_history": [
{
"date": "2020-10-31T13:22:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "binutils-2.35-lp151.3.9.1.i586",
"product": {
"name": "binutils-2.35-lp151.3.9.1.i586",
"product_id": "binutils-2.35-lp151.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "binutils-devel-2.35-lp151.3.9.1.i586",
"product": {
"name": "binutils-devel-2.35-lp151.3.9.1.i586",
"product_id": "binutils-devel-2.35-lp151.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "binutils-gold-2.35-lp151.3.9.1.i586",
"product": {
"name": "binutils-gold-2.35-lp151.3.9.1.i586",
"product_id": "binutils-gold-2.35-lp151.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "libctf-nobfd0-2.35-lp151.3.9.1.i586",
"product": {
"name": "libctf-nobfd0-2.35-lp151.3.9.1.i586",
"product_id": "libctf-nobfd0-2.35-lp151.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "libctf0-2.35-lp151.3.9.1.i586",
"product": {
"name": "libctf0-2.35-lp151.3.9.1.i586",
"product_id": "libctf0-2.35-lp151.3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "binutils-devel-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "binutils-devel-2.35-lp151.3.9.1.x86_64",
"product_id": "binutils-devel-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"product_id": "binutils-devel-32bit-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "binutils-gold-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "binutils-gold-2.35-lp151.3.9.1.x86_64",
"product_id": "binutils-gold-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-arm-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-avr-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-hppa-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-i386-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-ia64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-m68k-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-mips-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-ppc-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-rx-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-s390-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-s390x-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-sparc-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"product_id": "cross-spu-binutils-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"product_id": "libctf-nobfd0-2.35-lp151.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libctf0-2.35-lp151.3.9.1.x86_64",
"product": {
"name": "libctf0-2.35-lp151.3.9.1.x86_64",
"product_id": "libctf0-2.35-lp151.3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-2.35-lp151.3.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586"
},
"product_reference": "binutils-2.35-lp151.3.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-devel-2.35-lp151.3.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586"
},
"product_reference": "binutils-devel-2.35-lp151.3.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-devel-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "binutils-devel-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-devel-32bit-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-gold-2.35-lp151.3.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586"
},
"product_reference": "binutils-gold-2.35-lp151.3.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "binutils-gold-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "binutils-gold-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-arm-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-avr-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-hppa-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-i386-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-ia64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-m68k-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-mips-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-ppc-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-rx-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-s390-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-s390x-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-sparc-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cross-spu-binutils-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libctf-nobfd0-2.35-lp151.3.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586"
},
"product_reference": "libctf-nobfd0-2.35-lp151.3.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libctf-nobfd0-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libctf0-2.35-lp151.3.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586"
},
"product_reference": "libctf0-2.35-lp151.3.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libctf0-2.35-lp151.3.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
},
"product_reference": "libctf0-2.35-lp151.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-12972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12972"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing \u0027\\0\u0027 character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12972",
"url": "https://www.suse.com/security/cve/CVE-2019-12972"
},
{
"category": "external",
"summary": "SUSE Bug 1140126 for CVE-2019-12972",
"url": "https://bugzilla.suse.com/1140126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2019-12972"
},
{
"cve": "CVE-2019-14250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14250"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14250",
"url": "https://www.suse.com/security/cve/CVE-2019-14250"
},
{
"category": "external",
"summary": "SUSE Bug 1142649 for CVE-2019-14250",
"url": "https://bugzilla.suse.com/1142649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2019-14250"
},
{
"cve": "CVE-2019-14444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14444"
}
],
"notes": [
{
"category": "general",
"text": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14444",
"url": "https://www.suse.com/security/cve/CVE-2019-14444"
},
{
"category": "external",
"summary": "SUSE Bug 1143609 for CVE-2019-14444",
"url": "https://bugzilla.suse.com/1143609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "low"
}
],
"title": "CVE-2019-14444"
},
{
"cve": "CVE-2019-17450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17450"
}
],
"notes": [
{
"category": "general",
"text": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17450",
"url": "https://www.suse.com/security/cve/CVE-2019-17450"
},
{
"category": "external",
"summary": "SUSE Bug 1153770 for CVE-2019-17450",
"url": "https://bugzilla.suse.com/1153770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "low"
}
],
"title": "CVE-2019-17450"
},
{
"cve": "CVE-2019-17451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17451"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17451",
"url": "https://www.suse.com/security/cve/CVE-2019-17451"
},
{
"category": "external",
"summary": "SUSE Bug 1153768 for CVE-2019-17451",
"url": "https://bugzilla.suse.com/1153768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "low"
}
],
"title": "CVE-2019-17451"
},
{
"cve": "CVE-2019-9074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9074"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9074",
"url": "https://www.suse.com/security/cve/CVE-2019-9074"
},
{
"category": "external",
"summary": "SUSE Bug 1126831 for CVE-2019-9074",
"url": "https://bugzilla.suse.com/1126831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2019-9074"
},
{
"cve": "CVE-2019-9075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9075"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9075",
"url": "https://www.suse.com/security/cve/CVE-2019-9075"
},
{
"category": "external",
"summary": "SUSE Bug 1071544 for CVE-2019-9075",
"url": "https://bugzilla.suse.com/1071544"
},
{
"category": "external",
"summary": "SUSE Bug 1126829 for CVE-2019-9075",
"url": "https://bugzilla.suse.com/1126829"
},
{
"category": "external",
"summary": "SUSE Bug 1193110 for CVE-2019-9075",
"url": "https://bugzilla.suse.com/1193110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "low"
}
],
"title": "CVE-2019-9075"
},
{
"cve": "CVE-2019-9077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9077"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9077",
"url": "https://www.suse.com/security/cve/CVE-2019-9077"
},
{
"category": "external",
"summary": "SUSE Bug 1126826 for CVE-2019-9077",
"url": "https://bugzilla.suse.com/1126826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-devel-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-devel-32bit-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:binutils-gold-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-aarch64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-arm-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-avr-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-epiphany-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-hppa64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-i386-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ia64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-m68k-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-mips-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-ppc64le-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-riscv64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-rx-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-s390x-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-sparc64-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:cross-spu-binutils-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf-nobfd0-2.35-lp151.3.9.1.x86_64",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.i586",
"openSUSE Leap 15.1:libctf0-2.35-lp151.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-31T13:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2019-9077"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…