Amazon Linux 2022 Security Advisory: ALAS-2022-057
Advisory Release Date: 2022-05-04 21:03 Pacific
Advisory Updated Date: 2022-05-06 16:18 Pacific
Severity:
Medium
Issue Overview:
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The special handling and rendering of those characters can be then used in an attempt to hide unexpected and potentially dangerous behaviour from the reviewer. (CVE-2021-42574)
Affected Packages:
gcc
Issue Correction:
Run dnf update --releasever=2022.0.20220504 gcc to update your system.
New Packages:
aarch64:
gcc-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
liblsan-static-11.2.1-10.amzn2022.0.1.aarch64
gcc-c++-11.2.1-10.amzn2022.0.1.aarch64
gcc-objc++-11.2.1-10.amzn2022.0.1.aarch64
gcc-objc++-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgfortran-11.2.1-10.amzn2022.0.1.aarch64
libgccjit-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
gcc-gfortran-11.2.1-10.amzn2022.0.1.aarch64
libgnat-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
gcc-gdb-plugin-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
cpp-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgo-static-11.2.1-10.amzn2022.0.1.aarch64
gcc-objc-11.2.1-10.amzn2022.0.1.aarch64
libtsan-11.2.1-10.amzn2022.0.1.aarch64
gcc-go-11.2.1-10.amzn2022.0.1.aarch64
libgomp-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libtsan-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgfortran-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgo-11.2.1-10.amzn2022.0.1.aarch64
libgo-devel-11.2.1-10.amzn2022.0.1.aarch64
libstdc++-static-11.2.1-10.amzn2022.0.1.aarch64
libgnat-devel-11.2.1-10.amzn2022.0.1.aarch64
libasan-11.2.1-10.amzn2022.0.1.aarch64
libstdc++-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgccjit-devel-11.2.1-10.amzn2022.0.1.aarch64
cpp-11.2.1-10.amzn2022.0.1.aarch64
libgnat-static-11.2.1-10.amzn2022.0.1.aarch64
gcc-c++-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
gcc-go-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libstdc++-devel-11.2.1-10.amzn2022.0.1.aarch64
gcc-11.2.1-10.amzn2022.0.1.aarch64
gcc-gfortran-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libgfortran-static-11.2.1-10.amzn2022.0.1.aarch64
gcc-gnat-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libubsan-static-11.2.1-10.amzn2022.0.1.aarch64
libubsan-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libasan-static-11.2.1-10.amzn2022.0.1.aarch64
libstdc++-docs-11.2.1-10.amzn2022.0.1.aarch64
libtsan-static-11.2.1-10.amzn2022.0.1.aarch64
liblsan-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libasan-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
gcc-objc-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libstdc++-11.2.1-10.amzn2022.0.1.aarch64
libgnat-11.2.1-10.amzn2022.0.1.aarch64
libgccjit-11.2.1-10.amzn2022.0.1.aarch64
gcc-gnat-11.2.1-10.amzn2022.0.1.aarch64
gcc-plugin-devel-11.2.1-10.amzn2022.0.1.aarch64
gcc-debugsource-11.2.1-10.amzn2022.0.1.aarch64
libitm-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
gcc-plugin-devel-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
liblsan-11.2.1-10.amzn2022.0.1.aarch64
libubsan-11.2.1-10.amzn2022.0.1.aarch64
gcc-gdb-plugin-11.2.1-10.amzn2022.0.1.aarch64
libgomp-11.2.1-10.amzn2022.0.1.aarch64
libgcc-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libobjc-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libatomic-static-11.2.1-10.amzn2022.0.1.aarch64
libgcc-11.2.1-10.amzn2022.0.1.aarch64
libitm-static-11.2.1-10.amzn2022.0.1.aarch64
libitm-11.2.1-10.amzn2022.0.1.aarch64
libatomic-debuginfo-11.2.1-10.amzn2022.0.1.aarch64
libobjc-11.2.1-10.amzn2022.0.1.aarch64
libatomic-11.2.1-10.amzn2022.0.1.aarch64
libitm-devel-11.2.1-10.amzn2022.0.1.aarch64
src:
gcc-11.2.1-10.amzn2022.0.1.src
x86_64:
gcc-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-gnat-11.2.1-10.amzn2022.0.1.x86_64
gcc-offload-nvptx-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libstdc++-static-11.2.1-10.amzn2022.0.1.x86_64
cpp-11.2.1-10.amzn2022.0.1.x86_64
gcc-gfortran-11.2.1-10.amzn2022.0.1.x86_64
libgnat-static-11.2.1-10.amzn2022.0.1.x86_64
libgccjit-11.2.1-10.amzn2022.0.1.x86_64
libgphobos-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-c++-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
cpp-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-objc-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libstdc++-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgccjit-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgo-11.2.1-10.amzn2022.0.1.x86_64
gcc-objc-11.2.1-10.amzn2022.0.1.x86_64
gcc-gnat-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-offload-nvptx-11.2.1-10.amzn2022.0.1.x86_64
gcc-go-11.2.1-10.amzn2022.0.1.x86_64
libgphobos-static-11.2.1-10.amzn2022.0.1.x86_64
libstdc++-devel-11.2.1-10.amzn2022.0.1.x86_64
gcc-go-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-objc++-11.2.1-10.amzn2022.0.1.x86_64
gcc-c++-11.2.1-10.amzn2022.0.1.x86_64
gcc-gdc-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-objc++-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgnat-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgo-static-11.2.1-10.amzn2022.0.1.x86_64
gcc-gdc-11.2.1-10.amzn2022.0.1.x86_64
gcc-gfortran-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-plugin-devel-11.2.1-10.amzn2022.0.1.x86_64
libgphobos-11.2.1-10.amzn2022.0.1.x86_64
gcc-11.2.1-10.amzn2022.0.1.x86_64
libgnat-devel-11.2.1-10.amzn2022.0.1.x86_64
gcc-debugsource-11.2.1-10.amzn2022.0.1.x86_64
libstdc++-docs-11.2.1-10.amzn2022.0.1.x86_64
libasan-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgfortran-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgfortran-static-11.2.1-10.amzn2022.0.1.x86_64
libtsan-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgnat-11.2.1-10.amzn2022.0.1.x86_64
libgo-devel-11.2.1-10.amzn2022.0.1.x86_64
libgccjit-devel-11.2.1-10.amzn2022.0.1.x86_64
libgfortran-11.2.1-10.amzn2022.0.1.x86_64
libasan-static-11.2.1-10.amzn2022.0.1.x86_64
libstdc++-11.2.1-10.amzn2022.0.1.x86_64
libtsan-static-11.2.1-10.amzn2022.0.1.x86_64
liblsan-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libubsan-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-gdb-plugin-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libasan-11.2.1-10.amzn2022.0.1.x86_64
libtsan-11.2.1-10.amzn2022.0.1.x86_64
liblsan-static-11.2.1-10.amzn2022.0.1.x86_64
libubsan-static-11.2.1-10.amzn2022.0.1.x86_64
libgomp-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libitm-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libquadmath-static-11.2.1-10.amzn2022.0.1.x86_64
libquadmath-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
gcc-plugin-devel-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgomp-11.2.1-10.amzn2022.0.1.x86_64
liblsan-11.2.1-10.amzn2022.0.1.x86_64
libubsan-11.2.1-10.amzn2022.0.1.x86_64
libgcc-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libquadmath-11.2.1-10.amzn2022.0.1.x86_64
gcc-gdb-plugin-11.2.1-10.amzn2022.0.1.x86_64
libobjc-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libitm-static-11.2.1-10.amzn2022.0.1.x86_64
libgcc-11.2.1-10.amzn2022.0.1.x86_64
libitm-11.2.1-10.amzn2022.0.1.x86_64
libatomic-static-11.2.1-10.amzn2022.0.1.x86_64
libobjc-11.2.1-10.amzn2022.0.1.x86_64
libgomp-offload-nvptx-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libatomic-debuginfo-11.2.1-10.amzn2022.0.1.x86_64
libgomp-offload-nvptx-11.2.1-10.amzn2022.0.1.x86_64
libatomic-11.2.1-10.amzn2022.0.1.x86_64
libquadmath-devel-11.2.1-10.amzn2022.0.1.x86_64
libitm-devel-11.2.1-10.amzn2022.0.1.x86_64