This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: US-CERT Vulnerability Note VU#162289

On Fri, Apr 25, 2008 at 11:45:25AM -0400, Paul Koning wrote:
>  Robert> To me, the whole notion of this vulnerability node is flawed
>  Robert> in that respect. You can write a lengthy and useful book on
>  Robert> pitfalls in C that must be avoided, but I see no reason to
>  Robert> turn such a book into a cert advisory, let alone pick out a
>  Robert> single arbitrary example on a particular compiler!
> 
> I think that comment is absolutely correct.

The R in CERT is "Response" (at least it used to be; I can't find an
expansion on their web site...).  They're responding to a problem that
was reported to them, and alerting others to the problem.  We can
argue about the details, but not about the need to respond.

-- 
Daniel Jacobowitz
CodeSourcery
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]