Re: FreeBSD Security Advisory FreeBSD-SA-11:07.chroot - gcc 4.2.2+

From: Xin Li <delphij@xxxxxxxxxxx>
Date: Sun, 25 Dec 2011 21:27:35 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/23/11 17:54, Dewayne Geraghty wrote:

Do the changes to libc imply that community members that install
and build their system using gcc 4.2.2+ will remain vulnerable? If
so, should the /usr/src/UPDATING reflect this ongoing exposure?

(I note that 8.2S uses gcc version 4.2.2 20070831 prerelease
[FreeBSD] 9.0S has gcc 4.2.1)

This have nothing to do with gcc as far as I can tell. It does
require changes to your individual applications if they do chroot into
untrusted environment.

Cheers,
- --
Xin LI <delphij@xxxxxxxxxxx> https://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk74BccACgkQOfuToMruuMCslACfXhGAxgpMlYwsPS/01JXoHqED
o/UAnAyoYtv3vlRBo0szGptyh+qYaeEQ
=cJ1L
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

References:
- RE: FreeBSD Security Advisory FreeBSD-SA-11:07.chroot - gcc 4.2.2+
  - From: Dewayne Geraghty

Relevant Pages

Re: [TESTING]: ClangBSD branch needs testing before the import to HEAD
... I hate gcc with the burning heat of a million suns. ... been a major liability towards FreeBSD releases in the past. ... While Clang is immature now, it will mature in the near future, ... Any bug analisys now shall start with exchange to verify which compiler ...
(freebsd-current)
Re: [TESTING]: ClangBSD branch needs testing before the import to HEAD
... I hate gcc with the burning heat of a million suns. ... been a major liability towards FreeBSD releases in the past. ... While Clang is immature now, it will mature in the near future, ... My main concern is the usefulness of HEAD for routine bug-fixing process. ...
(freebsd-current)
Re: [TESTING]: ClangBSD branch needs testing before the import to HEAD
... I hate gcc with the burning heat of a million suns. ... been a major liability towards FreeBSD releases in the past. ... While Clang is immature now, it will mature in the near future, ... My main concern is the usefulness of HEAD for routine bug-fixing process. ...
(freebsd-current)
Re: [TESTING]: ClangBSD branch needs testing before the import to HEAD
... I hate gcc with the burning heat of a million suns. ... been a major liability towards FreeBSD releases in the past. ... While Clang is immature now, it will mature in the near future, ... My main concern is the usefulness of HEAD for routine bug-fixing process. ...
(freebsd-current)
Re: [TESTING]: ClangBSD branch needs testing before the import to HEAD
... I hate gcc with the burning heat of a million suns. ... been a major liability towards FreeBSD releases in the past. ... My main concern is the usefulness of HEAD for routine bug-fixing process. ... Any bug analisys now shall start with exchange to verify which compiler ...
(freebsd-current)