[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MIT discovered issue with gcc

Going back through the discussion on this thread, I'm taken by two main reactions:

- discussion of the specific class of bugs/security holes
- a lot of comments that "this is an issue for upstream"

What I haven't seen, so I'll add it to the discussion, is that this strikes me as an issue for "WAY upstream" - i.e., if gcc's optimizer is opening a class of security holes - then it's gcc that has to be fixed, after which that class of holes would go away after the next build of any impacted package.

Miles Fidelman

Reply to: