Oracle Linux 6191 Published by

A gcc security update has been released for Oracle Linux 9.



ELSA-2023-12788 Low: Oracle Linux 9 gcc security update


Oracle Linux Security Advisory ELSA-2023-12788

http://linux.oracle.com/errata/ELSA-2023-12788.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libatomic-11.3.1-4.3.0.4.el9.i686.rpm
libatomic-11.3.1-4.3.0.4.el9.x86_64.rpm
libgcc-11.3.1-4.3.0.4.el9.i686.rpm
libgcc-11.3.1-4.3.0.4.el9.x86_64.rpm
libgfortran-11.3.1-4.3.0.4.el9.i686.rpm
libgfortran-11.3.1-4.3.0.4.el9.x86_64.rpm
libgomp-11.3.1-4.3.0.4.el9.i686.rpm
libgomp-11.3.1-4.3.0.4.el9.x86_64.rpm
libquadmath-11.3.1-4.3.0.4.el9.i686.rpm
libquadmath-11.3.1-4.3.0.4.el9.x86_64.rpm
libstdc++-11.3.1-4.3.0.4.el9.i686.rpm
libstdc++-11.3.1-4.3.0.4.el9.x86_64.rpm
cpp-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-c++-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-gfortran-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-offload-nvptx-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-plugin-annobin-11.3.1-4.3.0.4.el9.x86_64.rpm
libasan-11.3.1-4.3.0.4.el9.i686.rpm
libasan-11.3.1-4.3.0.4.el9.x86_64.rpm
libgccjit-11.3.1-4.3.0.4.el9.i686.rpm
libgccjit-11.3.1-4.3.0.4.el9.x86_64.rpm
libgccjit-devel-11.3.1-4.3.0.4.el9.i686.rpm
libgccjit-devel-11.3.1-4.3.0.4.el9.x86_64.rpm
libgomp-offload-nvptx-11.3.1-4.3.0.4.el9.x86_64.rpm
libitm-11.3.1-4.3.0.4.el9.i686.rpm
libitm-11.3.1-4.3.0.4.el9.x86_64.rpm
libitm-devel-11.3.1-4.3.0.4.el9.i686.rpm
libitm-devel-11.3.1-4.3.0.4.el9.x86_64.rpm
liblsan-11.3.1-4.3.0.4.el9.x86_64.rpm
libquadmath-devel-11.3.1-4.3.0.4.el9.i686.rpm
libquadmath-devel-11.3.1-4.3.0.4.el9.x86_64.rpm
libstdc++-devel-11.3.1-4.3.0.4.el9.i686.rpm
libstdc++-devel-11.3.1-4.3.0.4.el9.x86_64.rpm
libstdc++-docs-11.3.1-4.3.0.4.el9.x86_64.rpm
libtsan-11.3.1-4.3.0.4.el9.x86_64.rpm
libubsan-11.3.1-4.3.0.4.el9.i686.rpm
libubsan-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-plugin-devel-11.3.1-4.3.0.4.el9.i686.rpm
gcc-plugin-devel-11.3.1-4.3.0.4.el9.x86_64.rpm
libstdc++-static-11.3.1-4.3.0.4.el9.i686.rpm
libstdc++-static-11.3.1-4.3.0.4.el9.x86_64.rpm
gcc-toolset-12-gcc-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-gcc-c++-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-gcc-gfortran-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libgccjit-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libgccjit-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libgccjit-docs-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-liblsan-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libquadmath-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libquadmath-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libstdc++-docs-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libtsan-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.4.0.2.el9.i686.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-offload-nvptx-12.2.1-7.4.0.2.el9.x86_64.rpm
libasan8-12.2.1-7.4.0.2.el9.i686.rpm
libasan8-12.2.1-7.4.0.2.el9.x86_64.rpm
libtsan2-12.2.1-7.4.0.2.el9.x86_64.rpm
gcc-toolset-12-gcc-plugin-annobin-12.2.1-7.4.0.2.el9.x86_64.rpm

aarch64:
libatomic-11.3.1-4.3.0.4.el9.aarch64.rpm
libgcc-11.3.1-4.3.0.4.el9.aarch64.rpm
libgfortran-11.3.1-4.3.0.4.el9.aarch64.rpm
libgomp-11.3.1-4.3.0.4.el9.aarch64.rpm
libstdc++-11.3.1-4.3.0.4.el9.aarch64.rpm
cpp-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-c++-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-gfortran-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-plugin-annobin-11.3.1-4.3.0.4.el9.aarch64.rpm
libasan-11.3.1-4.3.0.4.el9.aarch64.rpm
libgccjit-11.3.1-4.3.0.4.el9.aarch64.rpm
libgccjit-devel-11.3.1-4.3.0.4.el9.aarch64.rpm
libitm-11.3.1-4.3.0.4.el9.aarch64.rpm
libitm-devel-11.3.1-4.3.0.4.el9.aarch64.rpm
liblsan-11.3.1-4.3.0.4.el9.aarch64.rpm
libstdc++-devel-11.3.1-4.3.0.4.el9.aarch64.rpm
libstdc++-docs-11.3.1-4.3.0.4.el9.aarch64.rpm
libtsan-11.3.1-4.3.0.4.el9.aarch64.rpm
libubsan-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-plugin-devel-11.3.1-4.3.0.4.el9.aarch64.rpm
libstdc++-static-11.3.1-4.3.0.4.el9.aarch64.rpm
gcc-toolset-12-gcc-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-gcc-c++-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-gcc-gfortran-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libgccjit-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libgccjit-docs-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-liblsan-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libstdc++-docs-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libtsan-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.4.0.2.el9.aarch64.rpm
libasan8-12.2.1-7.4.0.2.el9.aarch64.rpm
libtsan2-12.2.1-7.4.0.2.el9.aarch64.rpm
gcc-toolset-12-gcc-plugin-annobin-12.2.1-7.4.0.2.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//gcc-11.3.1-4.3.0.4.el9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//gcc-toolset-12-gcc-12.2.1-7.4.0.2.el9.src.rpm

Related CVEs:

CVE-2023-4039
CVE-2022-40982

Description of changes:

gcc
[11.3.1-4.3.0.4]
- CVE-2023-4039 GCC mitigation.
Orabug 35751837.
- CVE-2022-40982 "Intel Downfall" mitigation.
Orabug 35751842.
Add two patches originally from GCC upstream releases/gcc-11 branch.
gcc11-downfall-disable-gather-in-vec.patch
gcc11-downfall-support-mno-gather.patch
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]

gcc-toolset-12-gcc
[12.2.1-7.4.0.2]
- CVE-2023-4039 GCC mitigation.
Orabug 35751965.
- CVE-2022-40982 "Intel Downfall" mitigation.
Orabug 35751972.
Add two patches originally from GCC upstream releases/gcc-11 branch.
gcc12-downfall-disable-gather-in-vec.patch
gcc12-downfall-support-mno-gather.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.