OVAL Reference oval:com.ubuntu.precise:def:20155276000

Oval Definition:

oval:com.ubuntu.precise:def:20155276000

Revision Date:	2015-11-17	Version:	1
Title:	CVE-2015-5276 on Ubuntu 12.04 LTS (precise) - low.
Description:	The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5276
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'gcc-3.3' package in precise is not affected. OR The 'gcc-4.4' package in precise is affected and needs fixing. OR The vulnerability of the 'gcc-4.4-armel-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-4.4-armhf-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The 'gcc-4.5' package in precise is affected and needs fixing. OR The vulnerability of the 'gcc-4.5-armel-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-4.5-armhf-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The 'gcc-4.6' package in precise is affected and needs fixing. OR The vulnerability of the 'gcc-4.6-armel-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-4.6-armhf-cross' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-avr' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR NOT While related to the CVE in some way, the 'gcc-defaults' package in precise is not affected. OR NOT While related to the CVE in some way, the 'gcc-defaults-armel-cross' package in precise is not affected. OR NOT While related to the CVE in some way, the 'gcc-defaults-armhf-cross' package in precise is not affected. OR The vulnerability of the 'gcc-h8300-hms' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-m68hc1x' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-mingw-w64' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-msp430' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'gcc-opt' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The 'gcc-snapshot' package in precise is affected and needs fixing. OR NOT While related to the CVE in some way, the 'gccgo-4.7' package in precise is not affected (note: 'vulnerable code is built but libgo doesn't use it').

BACK