This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

question about security issues affecting newlib

From: Roberto Martelloni <rmartelloni at gmail dot com>
To: newlib at sourceware dot org
Date: Tue, 5 May 2015 15:01:10 +0100
Subject: question about security issues affecting newlib
Authentication-results: sourceware.org; auth=none

Hi,

how can I know when a software vulnerability affecting newlib has been
detected, reported and fixed ?

Since in my understanding newlib is a conglomerate of different source code
plus obviously custom source code:

   - what would be an a reasonable way to ensure that my newlib version XXX
   is free from know vulnerabilities ?

Or from a different point of view, how do you ensure that newlib is not
including a known vulnerability/ies ? How do you deal with that ?

Many Thanks,
R.

P.S. put be in CC as I'm not subscribed to the maillist, many thanks

-- 
Roberto Martelloni
boos @ http://boos.core-dumped.info

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]