Errata overview
Errata ID 270
Date 2018-01-29
Source package gcc-4.9
Fixed in version 4.9.2-10A~
This update addresses the following issue:
* Systems with microprocessors utilizing speculative execution and indirect
  branch prediction may allow unauthorized disclosure of information to an
  attacker with local user access via a side-channel analysis (CVE-2017-5715)
This update adds the infrastructure to the C compiler for using "retpoline".
The compiler can be used to mitigate the "Spectre 2" vulnerability by
re-compiling susceptible binaries until fixed CPUs or fixed CPU micro code
updates are available from the CPU vendors.
Additional notes The compiler itself is NOT vulnerable.
CVE ID CVE-2017-5715
UCS Bug number #46029