—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Liebe Kolleginnen und Kollegen,
soeben erreichte uns nachfolgendes Fedora Security Advisory. Wir geben
diese Informationen unveraendert an Sie weiter.
CVE-2010-2322 – Schwachstelle in FastJar
In FastJar existiert eine Schwachstelle beim Entpacken von .jar
Dateien, welche dazu fuehrt, dass beliebige Dateien im
Verzeichnisbaum ueberschrieben werden koennen. Grund hierfuer ist ein
Fehler in der Funktion ‘extract_jar()’, durch den absolute Pfade
beruecksichtigt werden . Ein entfernter Angreifer kann diese
Schwachstelle ausnutzen, indem er eine .jar Datei mit manipulierten
Dateinamen erstellt.
CVE-2010-0831 – Directory Traversal Schwachstelle in FastJar
In FastJar wurde eine Schwachstelle beim Entpacken von .jar Dateien
entdeckt, welche dazu fuehrt, dass beliebige Dateien im
Verzeichnisbaum ueberschrieben werden koennen, da Dateinamen von
FastJar nicht genuegend auf bestimmte Zeichen ueberprueft (z.B.:
“../../”) werden. Grund hierfuer ist ein Fehler in der Funktion
‘extract_jar()’. Ein entfernter Angreifer kann diese Schwachstelle
ausnutzen, indem er eine .jar Datei mit manipulierten Dateinamen erstellt.
Betroffen sind die folgenden Software Pakete und Plattformen:
Paket libtool
Paket gcc
Fedora 12
Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.
(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.
Mit freundlichen Gruessen,
Michael Groening, DFN-CERT
– —
Michael Groening (Incident Response Team)
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Automatische Warnmeldungen https://www.cert.dfn.de/autowarn
– ——————————————————————————–
Fedora Update Notification
FEDORA-2010-10640
2010-07-01 18:08:28
– ——————————————————————————–
Name : gcc
Product : Fedora 12
Version : 4.4.4
Release : 10.fc12
URL : http://gcc.gnu.org
Summary : Various compilers (C, C++, Objective-C, Java, …)
Description :
The gcc package contains the GNU Compiler Collection version 4.4.
You’ll need this package in order to compile C code.
– ——————————————————————————–
ChangeLog:
* Wed Jun 30 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs fortran/43841, fortran/43843, tree-optimization/44683
– fix qualified-id as template argument handling (#605761, PR c++/44587)
– – -Wunused-but-set-* static_cast fix (PR c++/44682)
– – VTA backports
– PRs debug/44610, debug/44668, debug/44694
– – unswitching fixes (PR middle-end/43866)
* Thu Jun 24 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs bootstrap/44426, bootstrap/44544, c++/44627, fortran/44536,
libgcj/44216, target/39690, target/43740, target/44261, target/44481,
target/44534, target/44615, testsuite/32843, testsuite/43739,
tree-optimization/44508
– – VTA backports
– PRs debug/43650, debug/44181, debug/44247
– – -Wunused-but-set-* ->*/.* fix (PR c++/44619)
– – undeprecate #ident and #sccs (#606069)
– – fixup dates in generated man pages even for fastjar and gcc/ man pages
– – don’t realign stack on x86/x86-64 just because a DECL_ALIGN was set
too high by expansion code (#603924, PR target/44542)
– – don’t allow side-effects in inline-asm memory operands unless
< or > is present in operand’s constraint (#602359, PR middle-end/44492)
* Fri Jun 11 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– fix demangler (PR other/43838)
– – VTA backports
– further var-tracking speedup (#598310, PR debug/41371)
– – for typedefs in non-template classes adjust underlying type to
emit proper debug info (#601893)
– – fix up fastjar directory traversal bugs (CVE-2010-0831)
* Tue Jun 8 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/43555, fortran/42900, fortran/44360, libfortran/41169,
libgcj/38251, libobjc/36610, libstdc++/32499, pch/14940,
rtl-optimization/39580, target/44075, target/44169, target/44199
– – VTA backports
– PRs debug/44367, debug/44375, rtl-optimization/44013,
tree-optimization/44182
– speed up var-tracking (#598310, PR debug/41371)
– – -Wunused-but-set-* bugfixes
– PRs c++/44361, c++/44362, c++/44412, c++/44443, c++/44444
– – fix -mno-fused-madd -mfma4 on i?86/x86_64 (PR target/44338)
– – use GCJ_PROPERTIES=jdt.compiler.useSingleThread=true when
building classes with ecj1 (#524155)
* Tue May 25 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs bootstrap/43870, debug/44205, target/43733, target/44074,
target/44202, target/44245, tree-optimization/43845
– fix cv-qual issue with function types (#593750, PR c++/44193)
– – VTA backports
– PRs debug/41371, debug/42801, debug/43260, debug/43521
* Tue May 18 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PR fortran/44135
– – C++ -Wunused-but-set-variable fix (PR c++/44108)
– – avoid C++ gimplification affecting mangling (#591635, PR c++/44148)
– – asm goto fixes (PRs middle-end/44102, bootstrap/42347)
– – VTA backports
– PRs debug/41371, debug/44112
* Fri May 14 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs debug/43370, documentation/44016, fortran/44036, middle-end/43671,
middle-end/44085, target/43744
– – make comdat guards of STB_GNU_UNIQUE variables also STB_GNU_UNIQUE
(PR c++/44059)
– – VTA backports
– PRs debug/42278, debug/43950, debug/43983,debug/44104, debug/44136
– fix up .debug_macinfo (#479914)
– – asm goto fixes (PRs middle-end/44071, middle-end/42739)
– – fix up -march=native (PR target/44046)
– – C++ -Wunused-but-set-{variable,parameter} support, fixes for C support
(#538266, PRs c++/44062, c/43981)
– – -march=bdver1 and -mtune=bdver1 support
* Mon May 3 2010 Jakub Jelinek
– – fix VTA ICE on subregs of @GOTPCREL symbols (#588154, PR debug/43972)
* Fri Apr 30 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– GCC 4.4.4 release
– – VTA backports
– PR target/43921
* Tue Apr 27 2010 Jakub Jelinek
– – Power7 backports (#584993, #585005)
– PRs tree-optimization/43544, target/41787, target/43154, middle-end/42431,
rtl-optimization/43413
– – add @GCC_4.5.0 symbols to libgcc_s
– PRs target/43383, other/25232
– – force DW_CFA_def_cfa instead of DW_CFA_def_cfa_{register,offset{,_sf}}
after DW_CFA_def_cfa_expression
– – make sure _Unwind_DebugHook uses standard calling convention
– – #pragma omp for fix (PR c/43893)
* Thu Apr 22 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs fortran/43339, fortran/43836, libgcj/40860, libgomp/43569,
libgomp/43706, libstdc++/40518, middle-end/43337, middle-end/43570,
tree-optimization/43769, tree-optimization/43771
– fix ICE when compiling 64-bit Wine (#583501, PR target/43662)
– – VTA backports
– PRs debug/40040, debug/43762
– – add support for -Wunused-but-set-{parameter,variable} non-default
warnings for C (#538266, PRs c/18624, bootstrap/43699)
* Fri Apr 9 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs ada/41912, fortran/43539, middle-end/42956, middle-end/43614,
target/38085, target/43458, target/43643, target/43668,
tree-optimization/43186, tree-optimization/43560,
tree-optimization/43607, tree-optimization/43629
– – VTA backports
– PR debug/43670
– – fix xop-vpermil2p* tests (target/43103)
* Wed Apr 7 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs libfortran/43605, target/43638
– – AMD XOP fixes (#579493, PRs target/42664, target/43667)
– – fix raw string support on big endian hosts (PR preprocessor/43642)
– – allow -gdwarf-4 option
* Thu Apr 1 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs other/43562, c++/41185, c++/41786, fortran/43409, fortran/43551,
libfortran/43409, middle-end/43600, target/39254, target/43524,
tree-optimization/43528
– – update raw string support to match N3077
– – VTA backports
– PRs bootstrap/43596, debug/42977, debug/43557, debug/43593,
target/43580
* Sat Mar 27 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c/43381, libfortran/43517, target/42113
– – VTA backports
– PRs debug/43516, debug/43540
* Thu Mar 25 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c/43385, target/43348, tree-optimization/43415
– – VTA backports
– PRs bootstrap/43511, debug/19192, debug/43479, debug/43508
– – provide unwind info even for C++ thunks on x86, x86-64 and s390{,x}
(PR target/43498)
– – provide unwind info for x86 PIC thunks even when not using CFI assembler
directives (PR debug/43293)
* Mon Mar 22 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/43116, libfortran/43265, libgomp/42942, middle-end/42718,
middle-end/43419, rtl-optimization/43360, rtl-optimization/43438,
target/43305, target/43417
– – VTA backports
– PRs bootstrap/43399, bootstrap/43403, debug/42873, debug/43058,
debug/43443, target/43399
* Tue Mar 16 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs fortran/43228, fortran/43303, libfortran/43265, libfortran/43320
– – VTA backports
– PRs debug/36728, debug/43051, debug/43092, debug/43290,
tree-optimization/42917, tree-optimization/43317
– fix non-localized vars handling and forwarder block merging
(#572260, PR debug/43329)
* Tue Mar 9 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs ada/42253, bootstrap/43121, c/43248, tree-optimization/43220
– – VTA backports
– PRs debug/42897, debug/43176, debug/43177, debug/43229, debug/43237,
debug/43290, debug/43299, debug/43304
– – fix unwind info in i?86 PIC register setup sequences (PR debug/43293)
* Fri Feb 26 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PR libstdc++/21769
– – VTA backports
– PRs debug/42800, debug/43077, debug/43150, debug/43160, debug/43161,
debug/43165, debug/43166, debug/43190, target/43139
– – fix alignment of some stack vars (PR middle-end/39315)
* Sun Feb 21 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/43024, c++/43033, fortran/41869, target/40887,
tree-optimization/42871, tree-optimization/43074
– – VTA backports (PRs debug/42918, debug/43084)
– – –enable-decimal-float on s390{,x} (#565871)
– – improve __builtin_expect handling, propagate branch probabilities
during expansion even for sequences with more than one jump
(PR middle-end/42233)
* Thu Feb 11 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PR tree-optimization/42705
– fix up -femit-struct-debug-baseonly (#561320, PR debug/43010)
– –enable-checking=valgrind bugfixes (PRs fortran/43029, fortran/43030)
– – VTA backports (#562312)
– – some further –enable-checking=valgrind bugfixes (PR target/38781)
* Mon Feb 8 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs fortran/38324, fortran/41044, fortran/41167, fortran/42309,
fortran/42650, fortran/42736, libfortran/42901, middle-end/42898,
middle-end/42995, rtl-optimization/42952, tree-optimization/42462,
tree-optimization/42890, tree-optimization/42931
– – VTA backports
– PRs target/42924, debug/42896, rtl-optimization/42889
* Wed Jan 27 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs bootstrap/42786, fortran/42866, target/38697, target/42841
– – fix up handling of constant pool elements in dwarf2out
– – fix acats norun.lst handling
– – fix asm redirection of builtin ffs on 64-bit arches (#559186)
* Mon Jan 25 2010 Jakub Jelinek
– – VTA improvements (#556975, PR debug/42861)
* Sat Jan 23 2010 Dennis Gilmore
– – use gas .section syntax (#530847)
* Thu Jan 21 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– GCC 4.4.3 release
– – don’t insert DEBUG_STMTs after stmts that can throw, instead insert them
at the start of the next bb
* Thu Jan 21 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs middle-end/42803, rtl-optimization/42691, target/42542, target/42774,
tree-optimization/41826, tree-optimization/42773
– fix DW_OP_mod handling in the unwinder
– – VTA backports
– PRs debug/42782, debug/42767
– avoid dead VALUES to magically reappear during var-tracking
(#557068, PR debug/42715)
– don’t assume non-addressable automatic MEMs die at each call
during var-tracking (#556975, PR debug/42728)
* Fri Jan 15 2010 Jakub Jelinek
– – fix ICE with std::complex
– – avoid exponential hangs in gen_lsm_tmp_name
* Fri Jan 15 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PR c++/42655
* Thu Jan 14 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c/42721, middle-end/40281, middle-end/42667, rtl-optimization/42699
– – re-add –param max-vartrack-size patch, but this time with default 50mil
instead of 5mil (#531218, #548826)
– – don’t emit -Wreturn-type warnings in noreturn functions
(PR middle-end/42674)
– – march=native fixes for ix86/x86_64
* Tue Jan 12 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs debug/42662, libjava/40859
– – speed up var-tracking on various KDE sources (PR debug/41371)
– – revert –param max-vartrack-size=NNNN hack
– – fix up epilogue unwinding with -fsched2-use-superblocks (PR middle-end/41883)
– – fix a -fcompare-debug failure (PR tree-optimization/42645)
– – don’t make undef symbols weak just because they are known to have C++ vague
linkage (PR c++/42608)
* Sat Jan 9 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs target/42511, target/42542, target/42564
– – VTA backports
– PRs debug/42630, debug/42631
– – improve construction of ppc64 constants between 0x80000000 and 0xffffffff
– – fix inliner and var-tracking not to drop location info needlessly in certain
cases (#552376, PR debug/42657)
* Wed Jan 6 2010 Jakub Jelinek
– – add –param max-vartrack-size=NNNN parameter, give up on
-fvar-tracking-assignments if var-tracking hash tables are over that limit
– – fix VTA bugs in the vectorizer (PRs debug/42604, debug/42395)
– – fix VTA bug with noreturn calls (PR middle-end/42363)
* Tue Jan 5 2010 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/42331, middle-end/41344, middle-end/42099, other/42611,
rtl-optimization/42475, target/40134, target/42448, target/42503,
target/42549, tree-optimization/41956, tree-optimization/42231,
tree-optimization/42337, tree-optimization/42614
– – fix -m*=native with several sources on the command line (PR driver/42442)
– – avoid code size differences from traversing decl hash tables hashed by uid
if uid gap sizes differ
– – fix .debug_ranges with -ffunction-sections (PR debug/42454)
* Tue Dec 22 2009 Jakub Jelinek
– – fix MEM_SIZE of reload created stack slots (#548825,
PR rtl-optimization/42429)
– – fix addition of one character long filenames in fastjar (#549493)
* Thu Dec 17 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/42387
– – another C++ virtual dtors fix (PR c++/42386)
– – VTA mode and COND_EXEC fixes (PR debug/41679)
– – fix ICE in chrec_convert_1 (#547775)
– – fix debuginfo for optimized out TLS vars
– – use DW_AT_location with DW_OP_addr + DW_OP_stack_value instead of
DW_AT_const_value with address in it, use DW_OP_addr + DW_OP_stack_value
instead of DW_OP_implicit_value with address (#546017)
* Mon Dec 14 2009 Jakub Jelinek
– – propagate TREE_NOTHROW/TREE_READONLY/DECL_PURE_P from ipa-pure-const and
EH opt to all same body aliases (#547286)
– – don’t emit DWARF location list entries with no location or DW_AT_location
with empty blocks (PR debug/41473)
– – fix up AMD LWP support
– – don’t crash when mangling C++ decls inside of middle-end generated functions
(PR c++/41183)
* Fri Dec 11 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/27425, c++/34274, c++/42301, fortran/42268, java/41991,
libstdc++/42273, rtl-optimization/41574, target/41196, target/41939
target/42263
* Wed Dec 9 2009 Jakub Jelinek
– – VTA backports
– PRs debug/42166, debug/42234, debug/42244, debug/42299
– – fix handling of C++ COMDAT virtual destructors
– – some x86/x86_64 FMA4, XOP, ABM and LWP fixes
– – fix a decltype handling bug in templates (PR c++/42277)
* Fri Dec 4 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs libstdc++/42261, middle-end/42049
– – backport C++0x ICE fix from trunk (PR c++/42266)
– – fortran !$omp workshare improvements (PR fortran/35423)
– – FMA4 and XOP fixes
* Wed Dec 2 2009 Jakub Jelinek
– – fix security issues in libltdl bundled within libgcj (CVE-2009-3736)
* Wed Dec 2 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/42234, fortran/41278, fortran/41807, fortran/42162, target/42113,
target/42165
– don’t ICE on -O256 (#539923)
– – fix -mregnames on ppc/ppc64
– – optimize even COMDAT constructors and destructors without virtual
bases (PR c++/3187)
* Mon Nov 23 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/42059, c++/42061, libgfortran/42090
– – VTA backports
– PRs debug/41886, debug/41888, debug/41926, tree-optimization/42078
– – optimize non-COMDAT constructors and destructors without virtual
bases by making the base and complete ctor or dtor aliases of
each other (PR c++/3187)
* Sat Nov 14 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/21008, c++/37037, c++/41972, c++/41994, middle-end/40946,
middle-end/42029
– – VTA backports
– PR middle-end/41930
– – optimize deleting destructors for size (PR c++/3187)
– – try to avoid file Requires by requiring package%{?_isa} (#533947)
* Mon Nov 9 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/35067, c++/36912, c++/36959, c++/37093, c++/38699, c++/39786,
c++/41856, c++/41876, c++/41967, c++/9381, fortran/41772,
fortran/41909, middle-end/41963, rtl-optimization/41917,
target/41900, tree-optimization/41643
– – selected backports from trunk
– PRs debug/41801, middle-end/41837, target/41985, tree-optimization/41841
– – initial AMD Orochi -mxop and -mlwp support
– – try to avoid wrapping CONST_INTs/VOIDmode CONST_DOUBLEs into CONST
* Mon Nov 2 2009 Jakub Jelinek
– – update from gcc-4_4-branch
– PRs c++/41754, fortran/41777, fortran/41850, libstdc++/40852
– – fix ICE with unmatched #pragma GCC visibility push/pop (PR c++/41774)
– – fix VTA ICE with -combine (#531385, PR debug/41893)
– – fix RTTI for anon namespace classes
– – fix incorrect uses of __restrict keyword in valarray (PR libstdc++/41763)
– ——————————————————————————–
References:
[ 1 ] Bug #594497 – CVE-2010-0831 CVE-2010-2322 fastjar: directory traversal vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=594497
– ——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update gcc’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
– ——————————————————————————–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkw0V3oACgkQWmhIvjFb90UlKACfShdUiSXRRXCk3GCiOMevzCVG
XcsAn2/LmhzOBPqqoUqNAW+1GBvWT8ga
=PGn3
—–END PGP SIGNATURE—–
