{"affected":[{"ecosystem_specific":{"binaries":[{"cpp7":"7.4.1+r275405-lp151.2.6.1","gcc7":"7.4.1+r275405-lp151.2.6.1","gcc7-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-ada":"7.4.1+r275405-lp151.2.6.1","gcc7-ada-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-c++":"7.4.1+r275405-lp151.2.6.1","gcc7-c++-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-fortran":"7.4.1+r275405-lp151.2.6.1","gcc7-fortran-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-go":"7.4.1+r275405-lp151.2.6.1","gcc7-go-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-info":"7.4.1+r275405-lp151.2.6.1","gcc7-locale":"7.4.1+r275405-lp151.2.6.1","gcc7-obj-c++":"7.4.1+r275405-lp151.2.6.1","gcc7-obj-c++-32bit":"7.4.1+r275405-lp151.2.6.1","gcc7-objc":"7.4.1+r275405-lp151.2.6.1","gcc7-objc-32bit":"7.4.1+r275405-lp151.2.6.1","libada7":"7.4.1+r275405-lp151.2.6.1","libada7-32bit":"7.4.1+r275405-lp151.2.6.1","libasan4":"7.4.1+r275405-lp151.2.6.1","libasan4-32bit":"7.4.1+r275405-lp151.2.6.1","libcilkrts5":"7.4.1+r275405-lp151.2.6.1","libcilkrts5-32bit":"7.4.1+r275405-lp151.2.6.1","libgfortran4":"7.4.1+r275405-lp151.2.6.1","libgfortran4-32bit":"7.4.1+r275405-lp151.2.6.1","libgo11":"7.4.1+r275405-lp151.2.6.1","libgo11-32bit":"7.4.1+r275405-lp151.2.6.1","libobjc4":"7.4.1+r275405-lp151.2.6.1","libobjc4-32bit":"7.4.1+r275405-lp151.2.6.1","libstdc++6-devel-gcc7":"7.4.1+r275405-lp151.2.6.1","libstdc++6-devel-gcc7-32bit":"7.4.1+r275405-lp151.2.6.1","libubsan0":"7.4.1+r275405-lp151.2.6.1","libubsan0-32bit":"7.4.1+r275405-lp151.2.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"gcc7","purl":"pkg:rpm/opensuse/gcc7&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.4.1+r275405-lp151.2.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for gcc7 to r275405 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).\n- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).\n\nNon-security issue fixed:\n\n- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2019:2364-1","modified":"2019-10-22T14:23:29Z","published":"2019-10-22T14:23:29Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3/#3E3ZBAVVNTD5VFA5TURX6RVYBW5OIVQ3"},{"type":"REPORT","url":"https://bugzilla.suse.com/1071995"},{"type":"REPORT","url":"https://bugzilla.suse.com/1141897"},{"type":"REPORT","url":"https://bugzilla.suse.com/1142649"},{"type":"REPORT","url":"https://bugzilla.suse.com/1148517"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149145"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-14250"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15847"}],"related":["CVE-2019-14250","CVE-2019-15847"],"summary":"Security update for gcc7","upstream":["CVE-2019-14250","CVE-2019-15847"]}