Package: gcc-4.7
Severity: serious
Version: 4.7.0-1
Tags: security, patch

Hi,

An integer overflow issue was discovered for gcc-4.7:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2002-2439
This is already fixed in gcc-4.8. These seem to be the two relevant patches that fix the problem:
http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01416.html
http://gcc.gnu.org/ml/gcc-patches/2012-06/msg01689.html

If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2439
    http://security-tracker.debian.org/tracker/CVE-2002-2439

Please adjust the affected versions in the BTS as needed.