Vulnerabilities > CVE-2019-14250 - Integer Overflow or Wraparound vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 2 | |
| OS | 3 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1142.NASL description According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for last seen 2020-05-03 modified 2020-02-25 plugin id 133976 published 2020-02-25 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133976 title EulerOS 2.0 SP8 : binutils (EulerOS-SA-2020-1142) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(133976); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/01"); script_cve_id( "CVE-2018-18483", "CVE-2018-20657", "CVE-2018-20673", "CVE-2019-14250", "CVE-2019-9070", "CVE-2019-9071", "CVE-2019-9074", "CVE-2019-9076" ); script_name(english:"EulerOS 2.0 SP8 : binutils (EulerOS-SA-2020-1142)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for 'Create an array for saving the template argument values') that can trigger a heap-based buffer overflow, as demonstrated by nm.(CVE-2018-20673) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.(CVE-2019-14250) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-9074) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1142 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?67240bd6"); script_set_attribute(attribute:"solution", value: "Update the affected binutils packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/25"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["binutils-2.31.1-13.h16.eulerosv2r8", "binutils-devel-2.31.1-13.h16.eulerosv2r8"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-3061-1.NASL description This update includes the GNU Compiler Collection 9. A full changelog is provided by the GCC team on : https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages. To use it, install last seen 2020-06-01 modified 2020-06-02 plugin id 131311 published 2019-11-26 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131311 title SUSE SLED15 / SLES15 Security Update : gcc9 (SUSE-SU-2019:3061-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:3061-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(131311); script_version("1.2"); script_cvs_date("Date: 2019/12/09"); script_cve_id("CVE-2019-14250", "CVE-2019-15847"); script_name(english:"SUSE SLED15 / SLES15 Security Update : gcc9 (SUSE-SU-2019:3061-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update includes the GNU Compiler Collection 9. A full changelog is provided by the GCC team on : https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages. To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 / CXX=g++-9 during configuration for using it. Security issues fixed : CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145) CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649) Non-security issues fixed: Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254) Fixed miscompilation for vector shift on s390. (bsc#1141897) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114592" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1135254" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1141897" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1142649" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1142654" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1148517" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1149145" ); script_set_attribute( attribute:"see_also", value:"https://www.gnu.org/software/gcc/gcc-9/changes.html" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14250/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15847/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20193061-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?5aad195f" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3061=1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-3061=1 SUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2019-3061=1 SUSE Linux Enterprise Module for Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-3061=1 SUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2019-3061=1 SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-3061=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cpp9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cpp9-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-ada"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-ada-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-c++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-c++-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-fortran"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-fortran-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-go"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-go-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gcc9-locale"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libada9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libada9-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libada9-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasan5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasan5-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasan5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libatomic1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libatomic1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libatomic1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgcc_s1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgcc_s1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgcc_s1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgfortran5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgfortran5-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgfortran5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgo14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgo14-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgo14-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgomp1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgomp1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgomp1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libitm1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libitm1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libitm1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblsan0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblsan0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libquadmath0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libquadmath0-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libquadmath0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6-devel-gcc9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6-locale"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstdc++6-pp-gcc9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtsan0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libtsan0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libubsan1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libubsan1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libubsan1-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/24"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0/1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"liblsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"liblsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libtsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libtsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libquadmath0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libquadmath0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libquadmath0-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libquadmath0-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"cpp9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"cpp9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-ada-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-ada-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-c++-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-c++-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-fortran-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-fortran-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-c++-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-pp-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libasan5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libasan5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libatomic1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libatomic1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgcc_s1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgcc_s1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgfortran5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgfortran5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgomp1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgomp1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libitm1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libitm1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libubsan1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libubsan1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libasan5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libasan5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgcc_s1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libgomp1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libitm1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libstdc++6-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"liblsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"liblsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libtsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libtsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libquadmath0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libquadmath0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libquadmath0-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libquadmath0-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"cpp9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"cpp9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-ada-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-ada-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-c++-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-c++-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-fortran-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-fortran-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-c++-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-pp-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libasan5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libasan5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libatomic1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libatomic1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgcc_s1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgcc_s1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgfortran5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgfortran5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgomp1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgomp1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libitm1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libitm1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libubsan1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libubsan1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libasan5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libasan5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgcc_s1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libgomp1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libitm1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libstdc++6-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"liblsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"liblsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libtsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libtsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libquadmath0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libquadmath0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libquadmath0-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libquadmath0-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"cpp9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"cpp9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-ada-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-ada-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-c++-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-c++-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-fortran-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-fortran-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-c++-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-pp-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libasan5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libasan5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libatomic1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libatomic1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgcc_s1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgcc_s1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgfortran5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgfortran5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgomp1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgomp1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libitm1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libitm1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libubsan1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libubsan1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libasan5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libasan5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgcc_s1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libgomp1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libitm1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libstdc++6-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"liblsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"liblsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libtsan0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libtsan0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libquadmath0-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libquadmath0-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libquadmath0-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libquadmath0-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"s390x", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"cpp9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"cpp9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-ada-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-ada-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-c++-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-c++-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-fortran-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-fortran-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-go-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-go-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-ada-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-c++-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-fortran-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-go-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-devel-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-pp-gcc9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"gcc9-debugsource-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libada9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libada9-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libasan5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libasan5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libatomic1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libatomic1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgcc_s1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgcc_s1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgfortran5-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgfortran5-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgo14-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgo14-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgomp1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgomp1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libitm1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libitm1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-devel-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-locale-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-pp-gcc9-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libubsan1-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libubsan1-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libada9-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libada9-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libasan5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libasan5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libatomic1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libatomic1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgcc_s1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgcc_s1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgfortran5-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgfortran5-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgo14-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgo14-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgomp1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libgomp1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libitm1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libitm1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libstdc++6-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libubsan1-32bit-9.2.1+r275327-1.3.7")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libubsan1-32bit-debuginfo-9.2.1+r275327-1.3.7")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gcc9"); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1363.NASL description According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.(CVE-2019-14250) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-9074) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-07 modified 2020-04-02 plugin id 135150 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135150 title EulerOS Virtualization for ARM 64 3.0.6.0 : binutils (EulerOS-SA-2020-1363) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(135150); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/06"); script_cve_id( "CVE-2018-18483", "CVE-2018-20657", "CVE-2019-14250", "CVE-2019-9070", "CVE-2019-9071", "CVE-2019-9074", "CVE-2019-9076" ); script_name(english:"EulerOS Virtualization for ARM 64 3.0.6.0 : binutils (EulerOS-SA-2020-1363)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization for ARM 64 host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.(CVE-2019-14250) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-9074) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1363 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7e3462dc"); script_set_attribute(attribute:"solution", value: "Update the affected binutils packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.6.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "3.0.6.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.6.0"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["binutils-2.31.1-13.h16.eulerosv2r8"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils"); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1548.NASL description According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9074) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-14250) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002) - apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.(CVE-2019-14444) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2020-05-01 plugin id 136251 published 2020-05-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136251 title EulerOS Virtualization for ARM 64 3.0.2.0 : binutils (EulerOS-SA-2020-1548) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(136251); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07"); script_cve_id( "CVE-2018-18483", "CVE-2018-20002", "CVE-2018-20657", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-9070", "CVE-2019-9071", "CVE-2019-9074", "CVE-2019-9076" ); script_name(english:"EulerOS Virtualization for ARM 64 3.0.2.0 : binutils (EulerOS-SA-2020-1548)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization for ARM 64 host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9074) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-14250) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002) - apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.(CVE-2019-14444) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1548 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?da544abc"); script_set_attribute(attribute:"solution", value: "Update the affected binutils packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "3.0.2.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.2.0"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["binutils-2.27-28.base.1.h43"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2702-1.NASL description This update for gcc7 to r275405 fixes the following issues : Security issues fixed : CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649). CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145). Non-security issue fixed: Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 130002 published 2019-10-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130002 title SUSE SLED15 / SLES15 Security Update : gcc7 (SUSE-SU-2019:2702-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1466.NASL description According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.(CVE-2017-9040) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash.(CVE-2017-7300) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash.(CVE-2017-7301) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7302) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7303) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7304) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.(CVE-2017-8393) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.(CVE-2017-8395) - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn last seen 2020-04-30 modified 2020-04-16 plugin id 135628 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135628 title EulerOS Virtualization 3.0.2.2 : binutils (EulerOS-SA-2020-1466) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-3_0-0026_BINUTILS.NASL description An update of the binutils package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 128729 published 2019-09-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128729 title Photon OS 3.0: Binutils PHSA-2019-3.0-0026 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4326-1.NASL description It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-16 modified 2020-04-10 plugin id 135398 published 2020-04-10 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135398 title Ubuntu 16.04 LTS / 18.04 LTS : libiberty vulnerabilities (USN-4326-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1094.NASL description According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071) - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.(CVE-2019-14250) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9076) - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-9074) - GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.(CVE-2019-1010180) - The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657) - The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2020-02-24 plugin id 133895 published 2020-02-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133895 title EulerOS 2.0 SP5 : binutils (EulerOS-SA-2020-1094) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-716.NASL description This update includes the GNU Compiler Collection 9. This update ships the GCC 9.3 release. A full changelog is provided by the GCC team on : https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages. To use it, install last seen 2020-06-06 modified 2020-05-29 plugin id 136959 published 2020-05-29 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136959 title openSUSE Security Update : gcc9 (openSUSE-2020-716) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2365.NASL description This update for gcc7 to r275405 fixes the following issues : Security issues fixed : - CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649). - CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145). Non-security issue fixed : - Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 130160 published 2019-10-23 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130160 title openSUSE Security Update : gcc7 (openSUSE-2019-2365) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4336-1.NASL description It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-30 modified 2020-04-24 plugin id 135966 published 2020-04-24 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135966 title Ubuntu 18.04 LTS : binutils vulnerabilities (USN-4336-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-2_0-0173_BINUTILS.NASL description An update of the binutils package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 128734 published 2019-09-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128734 title Photon OS 2.0: Binutils PHSA-2019-2.0-0173 NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2364.NASL description This update for gcc7 to r275405 fixes the following issues : Security issues fixed : - CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649). - CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145). Non-security issue fixed : - Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 130159 published 2019-10-23 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130159 title openSUSE Security Update : gcc7 (openSUSE-2019-2364) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0394-1.NASL description This update for gcc9 fixes the following issues : The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compilers, install e.g. gcc9, gcc9-c++ and build with CC=gcc-9 CXX=g++-9 set. For SUSE Linux Enterprise base products, the libstdc++6, libgcc_s1 and other compiler libraries have been switched from their gcc8 variants to their gcc9 variants. Security issues fixed : CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145) CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649) Non-security issues fixed: Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254) Fixed miscompilation for vector shift on s390. (bsc#1141897) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2020-02-19 plugin id 133791 published 2020-02-19 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133791 title SUSE SLES12 Security Update : gcc9 (SUSE-SU-2020:0394-1)
References
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
- https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
- http://www.securityfocus.com/bid/109354
- https://security.netapp.com/advisory/ntap-20190822-0002/
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
- https://usn.ubuntu.com/4326-1/
- https://usn.ubuntu.com/4336-1/
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
- https://security.gentoo.org/glsa/202007-39
- http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html