From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <java-prs-return-6874-listarch-java-prs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 5137 invoked by alias); 2 Oct 2005 23:38:10 -0000
Mailing-List: contact java-prs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:java-prs-subscribe@gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/java-prs/>
List-Post: <mailto:java-prs@gcc.gnu.org>
List-Help: <mailto:java-prs-help@gcc.gnu.org>, <http://gcc.gnu.org/ml/#faqs>
Sender: java-prs-owner@gcc.gnu.org
Received: (qmail 5116 invoked by uid 48); 2 Oct 2005 23:38:10 -0000
Date: Sun, 02 Oct 2005 23:38:00 -0000
Message-ID: <20051002233810.5115.qmail@sourceware.org>
X-Bugzilla-Reason: CC
References: <bug-24170-7172@http.gcc.gnu.org/bugzilla/>
Subject: [Bug libgcj/24170] natFilePosix.cc seems to have a security problem
In-Reply-To: <bug-24170-7172@http.gcc.gnu.org/bugzilla/>
Reply-To: gcc-bugzilla@gcc.gnu.org
To: java-prs@gcc.gnu.org
From: "ben at decadentplace dot org dot uk" <gcc-bugzilla@gcc.gnu.org>
X-SW-Source: 2005-q4/txt/msg00016.txt.bz2
List-Id: <java-prs.sourceware.org>



------- Comment #4 from ben at decadentplace dot org dot uk  2005-10-02 23:38 -------
Andrew, I agree this is a problem with readdir_r, hence my original subject
(and the fact that I'm reporting bugs in a large number of other programs). I'm
not going to publish the advisory until 1st November. If you are interested in
understanding and fixing the bug rather than trying to deny it, you'll help to
provide a non-public channel through which I can send the draft advisory to
appropriate developers. Otherwise this will have to wait until publication.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24170