On Friday, September 12, 2014, Bruno Wolff III <br...@wolff.to> wrote:
> On Fri, Sep 12, 2014 at 10:46:49 -0400, > Daniel J Walsh <dwa...@redhat.com> wrote: > >> If you have one, please send it to me with some explanation of what it >> is and why it is important. >> > > https://fedoraproject.org/wiki/Releases/21/ChangeSet#Format_Security > > This will make buffer overflow bugs a bit less common. > No it won't. Format string vulnerabilities are not buffer overflows. They can be used by an attacker to write to arbitrary memory addresses (and thus gaining control of the process). So while the end result is the same the two are distinct issues.
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct