User: Password:
Subscribe / Log in / New account

MIT discovered issue with gcc

From:  Andrew McGlashan <>
To:, debian-user <>
Subject:  MIT discovered issue with gcc
Date:  Sat, 23 Nov 2013 12:30:10 +1100
Message-ID:  <>
Archive-link:  Article


I understand that Debian has a bunch of vulnerabilities as described in
the following PDF.

Just a small quote:

"This paper presents the first systematic approach for
reasoning about and detecting unstable code. We implement
this approach in a static checker called Stack, and
use it to show that unstable code is present in a wide
range of systems software, including the Linux kernel and
the Postgres database. We estimate that unstable code
exists in 40% of the 8,575 Debian Wheezy packages that
contain C/C++ code. We also show that compilers are
increasingly taking advantage of undefined behavior for
optimizations, leading to more vulnerabilities related to
unstable code."

This looks very serious indeed, but a quick search of Debian mailing
lists didn't show anything being acknowledged for this issue.... should
Debian users be concerned?

Kind Regards

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds