From ${URL} : Janne Blomqvist fixed several CVE-2002-0391-style integer overflows in array allocation in libgfortran, the run-time support library for the Fortran compiler which is part of the GNU Compiler Collection. The upstream Subversion commit is here: <https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721> These changes will be part of the next version of GCC (whose version number is still to be decided). @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
the fixes are included in these releases: gcc-4.8.4 gcc-4.8.5 gcc-4.9.2 gcc-4.9.3 gcc-5.1.0 gcc-5.2.0 gcc-5.3.0 and we've marked 4.8/4.9 versions stable at this point
@ Maintainer(s): Previous versions *are* affected. Please consider cleanup or apply masks or even backport fixes...
backports might happen, but we aren't doing anything other than that
Thank you for masking the rest of the packages.
