-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/23/11 17:54, Dewayne Geraghty wrote: > Do the changes to libc imply that community members that install > and build their system using gcc 4.2.2+ will remain vulnerable? If > so, should the /usr/src/UPDATING reflect this ongoing exposure? > > (I note that 8.2S uses gcc version 4.2.2 20070831 prerelease > [FreeBSD] 9.0S has gcc 4.2.1) This have nothing to do with gcc as far as I can tell. It does require changes to your individual applications if they do chroot into untrusted environment. Cheers, - -- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk74BccACgkQOfuToMruuMCslACfXhGAxgpMlYwsPS/01JXoHqED o/UAnAyoYtv3vlRBo0szGptyh+qYaeEQ =cJ1L -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"