[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #11 from Andrew Pinski ---
> The entire point of libssp is to provide this support on systems whose libc
> does not include it, so that both -D_FORTIFY_SOURCE and -fstack-protector*
> functionality would be available cross-platform.

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread yselkowi at redhat dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Yaakov Selkowitz changed:
What|Removed |Added
Status|RESOLVED|UNCONFIRMED

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread yselkowi at redhat dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #8 from Yaakov Selkowitz ---
(In reply to Andrew Pinski from comment #3)
> In fact this is by design. NetBSD for an example has ssp/stdio.h where you
> use that to get the fortify.
This does not apply where the libc provides its own

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #6 from Andrew Pinski ---
(In reply to Andrew Pinski from comment #5)
> > NetBSD which provide SSP in libc
>
> This statement is not true for older versions of netbsd.

And really not true even for the current version of netbsd but

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #5 from Andrew Pinski ---
> NetBSD which provide SSP in libc

This statement is not true for older versions of netbsd.

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #4 from Andrew Pinski ---
(In reply to Yaakov Selkowitz from comment #2)
> (In reply to Andrew Pinski from comment #1)
> > I don't think this is a security hole at all. In fact the security holes
> > should be on the applications

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #3 from Andrew Pinski ---
In fact this is by design. NetBSD for an example has ssp/stdio.h where you use that to get the fortify.

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread yselkowi at redhat dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #2 from Yaakov Selkowitz ---
(In reply to Andrew Pinski from comment #1)
> I don't think this is a security hole at all. In fact the security holes
> should be on the applications side rather than the library side.
The compiler is

[Bug other/77409] CVE-2016-4973 Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality

2016-08-29 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #1 from Andrew Pinski ---
I don't think this is a security hole at all. In fact the security holes should be on the applications side rather than the library side.