Advisories » MGASA-2015-0449

Updated gcc packages fix security vulnerability

Publication date: 19 Nov 2015
Modification date: 19 Nov 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5276

Description

It was discovered that the std::random_device class in libstdc++ would
not properly detect short reads and could return return predictable
values if applications used it to obtain randomness from a blocking
source such as /dev/random. (CVE-2015-5276)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17126
• https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65142
• http://lists.opensuse.org/opensuse-updates/2015-11/msg00054.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276

SRPMS

5/core

• gcc-4.9.2-4.1.mga5