File _patchinfo of Package patchinfo.5381

<patchinfo incident="5381">
  <issue id="1039513" tracker="bnc">VUL-0: gcc: enable -fstack-check by default: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="1011348" tracker="bnc">GCC 4.8.5 creates temporary when initializing reference</issue>
  <issue id="1022062" tracker="bnc">GCC regression hidden symbol `__cpu_model' when linking with g++</issue>
  <issue id="1028744" tracker="bnc">-fsanitize=address does not seem to work on non-x86</issue>
  <issue id="1039513" tracker="bnc">VUL-0: gcc: enable -fstack-check by default: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="1044016" tracker="bnc">coverage for 32bit binaries failed in system with huge file systems</issue>
  <issue id="1050947" tracker="bnc">VUL-0: CVE-2017-11671: gcc48,gcc6,gcc5: Generates incorrect code for RDRAND/RDSEED intrinsics</issue>
  <issue id="988274" tracker="bnc">gij-4.8 is broken for armv7l</issue>
  <issue id="2017-11671" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <description>This update for gcc48 fixes the following issues:

Security issues fixed:

- A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513]
  Future maintenance releases of packages will be built with this option.
- CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947]

Bugs fixed:

- Enable LFS support in 32bit libgcov.a.  [bsc#1044016]
- Bump libffi version in libffi.pc to 3.0.11.
- Fix libffi issue for armv7l.  [bsc#988274]
- Properly diagnose missing -fsanitize=address support on ppc64le.  [bnc#1028744]
- Backport patch for PR65612.  [bnc#1022062]
- Fixed DR#1288.  [bnc#1011348]
</description>
  <summary>Security update for gcc48</summary>
  <packager>rguenther</packager>
  <name>gcc48</name>
</patchinfo>