Description of problem: To address CVE-2021-42574, RHEL8/CentOS8 implements a gcc patch which adds the -Wbidirectional option. This is also documented in various RH advisories. This is unfortunately different from upstream gcc which named the option -Wbidi-chars instead. From what I can see of the available source code, RHEL9/CentOS9 backported to gcc11 the "upstream" variant. This can/will cause a discrepancy between RHEL8 and RHEL9 for customers and between RHEL and other distributions. Would it be possible to amend the patches in the backports to support both variants ? Version-Release number of selected component (if applicable): I've verified the git repos of c8s and c9, but from the published advisories, this also affects the various devtoolsets. I also noticed gcc has some followup fixes/updates for that code that weren't backported.
Thanks for the report. As I mentioned in the email, I would like to add an alias so that RHEL9 gcc groks both -Wbidirectional and -Wbidi-chars. I think we want a clone for RHEL 8 gcc too. But I don't see how we'd fix this in DTS/GTS at this point.
Previously, I didn't realize that the newest versions of RHEL 8 gcc, DTS 11.1 gcc, GTS 11.1 gcc, and RHEL 9 gcc all *already* use -Wbidi-chars. So I no longer think that the aliases are necessary, therefore I'm going to close this BZ.
My fault indeed. I was looking at centos c8 and not c8s...