Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code.
Upstream fix:
https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721
These will be included in a later release of GCC.
References:
http://seclists.org/oss-sec/2014/q3/230
Created gcc tracking bugs for this issue: Affects: fedora-all [bug 1122813]
GCC 4.8 and 4.9 backports:
https://gcc.gnu.org/ml/gcc-cvs/2014-07/msg01136.html
https://gcc.gnu.org/ml/gcc-cvs/2014-07/msg01135.html