Date: Thu, 13 Jun 2002 20:51:14 -0400 From: Mike Barcroft <mike@FreeBSD.org> To: Chris Costello <chris@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libc/stdio printf.3 Message-ID: <20020613205114.C65153@espresso.q9media.com> In-Reply-To: <200206132335.g5DNZNT14936@freefall.freebsd.org>; from chris@FreeBSD.org on Thu, Jun 13, 2002 at 04:35:22PM -0700 References: <200206132335.g5DNZNT14936@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris Costello <chris@FreeBSD.org> writes: > chris 2002/06/13 16:35:22 PDT > > Modified files: > lib/libc/stdio printf.3 > Log: > Include information on the dangers of passing a user-supplied string as > a format string. This will later on be changed to a reference to the > FreeBSD Security Architecture after it has been committed. > > PR: docs/39320 > Sposnored by: DARPA, NAI Labs > > Revision Changes Path > 1.39 +21 -0 src/lib/libc/stdio/printf.3 There is a significant amount of security informantion in the BUGS section. Would it be appropriate to move it to the SECURITY CONSIDERATIONS area? Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020613205114.C65153>