Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 14 Aug 2015 19:08:41 +0100
From: Jonathan Wakely <>
To: Florian Weimer <>
Cc: "libstdc++" <>,
Subject: Re: Alleged libstdc++ vulnerabilities

On 14 August 2015 at 18:55, Jonathan Wakely wrote:
> On 14 August 2015 at 18:49, Florian Weimer wrote:
>> Does anybody know what this is about and can point to the relevant PRs?
>> “discovered serious security bugs in […] libstdc++”
>> <>
>> The USENIX paper
>> <>
>> does not back up this claim.
> The paper abstract says "discovered 11 previously unknown security vulnera-
> bilities: nine in GNU libstdc++ and two in Firefox, all of which have
> been confirmed and subsequently fixed by vendors. "
> I guess they are referring to

And FWIW most of the "fixes" they suggested were just nonsense.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ