|From:||Miles Fidelman <mfidelman-AT-meetinghouse.net>|
|To:||debian-security-AT-lists.debian.org, debian-user <debian-user-AT-lists.debian.org>|
|Subject:||Re: MIT discovered issue with gcc|
|Date:||Tue, 26 Nov 2013 13:54:58 -0500|
Going back through the discussion on this thread, I'm taken by two main reactions: - discussion of the specific class of bugs/security holes - a lot of comments that "this is an issue for upstream" What I haven't seen, so I'll add it to the discussion, is that this strikes me as an issue for "WAY upstream" - i.e., if gcc's optimizer is opening a class of security holes - then it's gcc that has to be fixed, after which that class of holes would go away after the next build of any impacted package. Miles Fidelman
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds