Re: 3.2 PATCH: Ada parallel bootstrap fixes

On Sat, 18 May 2002, Florian Weimer wrote:

> Nowadays, hardly any C vendor would consider such issues
> insignificant, and state that the security conscious programmer should
> not use these interfaces anyway (some comment on comp.lang.ada, IIRC
> not from Robert).

Indeed, my position is that security problems are automatically

> Additional buffer overflow problems are mentioned in the following
> message:
> Shall I submit individual bug reports for them?  IMHO, this doesn't
> make much sense if I'm still the only person who cares about these
> problems.

If you have unreviewed patches (security or otherwise), you should send
monthly reminders asking for them to be reviewed.  (Actually, I think that
part of contribute.html should suggest sending a reminder if there's no
review after a week, not a month, since it's rare for a patch unreviewed
after a week to get a review at all without a reminder.  In the case of
security patches, daily reminders would be more appropriate; you should
also try to get security patches onto the 3.1 branch as well as mainline.)

If you have problems with no PR filed and no patch, submit PRs for them.  
Submit an advisory to bugtraq for any problems submitted as patches or PRs
significantly in advance of a release (3.1 or 3.1.1) with no fix in that

Joseph S. Myers

