Package: gcc-4.3 Severity: important Tags: security Hi
The following CVE(0) has been issued against gcc. CVE-2008-1685: gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might remove length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks. More information are here(1). Please mention the CVE id in your changelog, if you happen to fix this problem with an upload. Cheers Steffen (0): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1685 (1): http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]