User: Password:
|
|
Subscribe / Log in / New account

Re: MIT discovered issue with gcc

From:  Miles Fidelman <mfidelman-AT-meetinghouse.net>
To:  debian-security-AT-lists.debian.org, debian-user <debian-user-AT-lists.debian.org>
Subject:  Re: MIT discovered issue with gcc
Date:  Tue, 26 Nov 2013 13:54:58 -0500
Message-ID:  <5294EE82.8050502@meetinghouse.net>
Archive-link:  Article

Going back through the discussion on this thread, I'm taken by two main 
reactions:

- discussion of the specific class of bugs/security holes
- a lot of comments that "this is an issue for upstream"

What I haven't seen, so I'll add it to the discussion, is that this 
strikes me as an issue for "WAY upstream" - i.e., if gcc's optimizer is 
opening a class of security holes - then it's gcc that has to be fixed, 
after which that class of holes would go away after the next build of 
any impacted package.

Miles Fidelman




(Log in to post comments)


Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds