From owner-freebsd-security@FreeBSD.ORG  Sat Dec 24 07:17:17 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3A02C106564A
	for <freebsd-security@freebsd.org>;
	Sat, 24 Dec 2011 07:17:17 +0000 (UTC)
	(envelope-from dewayne.geraghty@heuristicsystems.com.au)
Received: from nskntqsrv02p.mx.bigpond.com (nskntqsrv02p.mx.bigpond.com
	[61.9.168.234]) by mx1.freebsd.org (Postfix) with ESMTP id C6B908FC13
	for <freebsd-security@freebsd.org>;
	Sat, 24 Dec 2011 07:17:16 +0000 (UTC)
Received: from nskntcmgw08p ([61.9.169.168]) by nskntmtas03p.mx.bigpond.com
	with ESMTP
	id <20111224015503.PUUZ2063.nskntmtas03p.mx.bigpond.com@nskntcmgw08p>
	for <freebsd-security@freebsd.org>; Sat, 24 Dec 2011 01:55:03 +0000
Received: from hermes.heuristicsystems.com.au ([58.172.112.204])
	by nskntcmgw08p with BigPond Outbound
	id Cpv11i0014QfL3601pv3lx; Sat, 24 Dec 2011 01:55:03 +0000
X-Authority-Analysis: v=2.0 cv=FKSZNpUs c=1 sm=1
	a=3gUU17yAEl4T7pnfkUDLuw==:17 a=H5T4dRW_n8wA:10 a=twTT4oUKOlYA:10
	a=kj9zAlcOel0A:10 a=MHLd1x0a_l6Ip8jNihkA:9 a=CjuIK1q_8ugA:10
	a=3gUU17yAEl4T7pnfkUDLuw==:117
Received: from white (white.hs [10.0.5.2])
	by hermes.heuristicsystems.com.au (8.14.5/8.13.6) with ESMTP id
	pBO1sgEg069229
	(version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT)
	for <freebsd-security@freebsd.org>;
	Sat, 24 Dec 2011 12:54:42 +1100 (EST)
	(envelope-from dewayne.geraghty@heuristicsystems.com.au)
From: "Dewayne Geraghty" <dewayne.geraghty@heuristicsystems.com.au>
To: <freebsd-security@freebsd.org>
References: <201112231536.pBNFadWk078864@freefall.freebsd.org>
Date: Sat, 24 Dec 2011 12:54:41 +1100
Message-ID: <14084D15E2C949D5ACD68E678F704286@white>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <201112231536.pBNFadWk078864@freefall.freebsd.org>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Thread-Index: AczBjh81BJetd+OHQqWAq2y4eCphLQAUCesg
X-Mailman-Approved-At: Sat, 24 Dec 2011 12:38:02 +0000
Subject: RE: FreeBSD Security Advisory FreeBSD-SA-11:07.chroot - gcc 4.2.2+
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Dec 2011 07:17:17 -0000

Do the changes to libc imply that community members that install and build their system using gcc 4.2.2+ will remain vulnerable?
If so, should the /usr/src/UPDATING reflect this ongoing exposure?

(I note that 8.2S uses gcc version 4.2.2 20070831 prerelease [FreeBSD]
9.0S has gcc 4.2.1)

Kind regards, Dewayne