From owner-freebsd-security@FreeBSD.ORG  Mon Dec 26 05:27:37 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 121B4106566C
	for <freebsd-security@freebsd.org>;
	Mon, 26 Dec 2011 05:27:37 +0000 (UTC)
	(envelope-from delphij@delphij.net)
Received: from anubis.delphij.net (anubis.delphij.net
	[IPv6:2001:470:1:117::25])
	by mx1.freebsd.org (Postfix) with ESMTP id E9B9D8FC18
	for <freebsd-security@freebsd.org>;
	Mon, 26 Dec 2011 05:27:36 +0000 (UTC)
Received: from delta.delphij.net (c-76-102-50-245.hsd1.ca.comcast.net
	[76.102.50.245])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by anubis.delphij.net (Postfix) with ESMTPSA id 9CD84145FB;
	Sun, 25 Dec 2011 21:27:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis;
	t=1324877256; bh=rlJiZo+eEX7jnv8oljXJzj47m7MRJHDayiNMs6IVOyI=;
	h=Message-ID:Date:From:Reply-To:MIME-Version:To:CC:Subject:
	References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
	b=DDnz5iFpmqVoaCxeb8Y5cjnavcojPF6K93EYnI1wPwMi2mSIpNs0PifxjDHBI02ht
	0VwZAcdByyy8WWBA1ZWklskVfvTcHQ5Ym6g0H91PCDuIdXN8AO39ooapmBhYGuKS8y
	1BCrjXRuWKix/eY0JANlFzxIDC6vH7CkhdEiM25E=
Message-ID: <4EF805C7.1020909@delphij.net>
Date: Sun, 25 Dec 2011 21:27:35 -0800
From: Xin Li <delphij@delphij.net>
Organization: The FreeBSD Project
MIME-Version: 1.0
To: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au>
References: <201112231536.pBNFadWk078864@freefall.freebsd.org>
	<14084D15E2C949D5ACD68E678F704286@white>
In-Reply-To: <14084D15E2C949D5ACD68E678F704286@white>
X-Enigmail-Version: undefined
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-security@freebsd.org, d@delphij.net
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-11:07.chroot - gcc 4.2.2+
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: d@delphij.net
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Dec 2011 05:27:37 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/23/11 17:54, Dewayne Geraghty wrote:
> Do the changes to libc imply that community members that install 
> and build their system using gcc 4.2.2+ will remain vulnerable? If 
> so, should the /usr/src/UPDATING reflect this ongoing exposure?
> 
> (I note that 8.2S uses gcc version 4.2.2 20070831 prerelease 
> [FreeBSD] 9.0S has gcc 4.2.1)

This have nothing to do with gcc as far as I can tell.  It does
require changes to your individual applications if they do chroot into
untrusted environment.

Cheers,
- -- 
Xin LI <delphij@delphij.net>	https://www.delphij.net/
FreeBSD - The Power to Serve!		Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk74BccACgkQOfuToMruuMCslACfXhGAxgpMlYwsPS/01JXoHqED
o/UAnAyoYtv3vlRBo0szGptyh+qYaeEQ
=cJ1L
-----END PGP SIGNATURE-----