On 12/06/2013 11:30 AM, Adam Williamson wrote:
On Fri, 2013-12-06 at 10:37 +0100, Ralf Corsepius wrote:
On 12/05/2013 07:43 PM, Jan Lieskovsky wrote:
From: "Ralf Corsepius"
Would you mind to explain why you guys are putting such an emphasize on
-Wformat-security?
Some possible ways how to look at it:
* because when all reported packages are patched, it would remove one
whole class of security flaws,
Iff the tools being utilized were reliable and if the findings are fixed
by skilled people, who really understand what they are doing.
Both does NOT APPLY in Fedora. Fedora/RH's GCC produces false diagnoses
and the average Fedora packager is not an experienced C-developer.
The intent is not for Fedora packagers to patch problems downstream, it
is for them to report bugs upstream and have the problems fixed there.
What world are you living in? gcc fixes have always been fixed in Fedora
first.
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct