riscv-gnu-toolchain/gcc.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Siddhesh Poyarekar <siddhesh@gotplt.org>	2023-12-18 09:35:06 -0500
committer	Siddhesh Poyarekar <siddhesh@gotplt.org>	2024-01-09 10:49:01 -0500
commit	e9f2c6d260e3f07b5144d175248e2c8788857c96 (patch)
tree	67cacc0c30ad15ea70439cb75d9060ae1f688cb3 /gcc/tree-vect-loop.cc
parent	b7e5a29602143b53267efcd9c8d5ecc78cd5a62f (diff)
download	gcc-e9f2c6d260e3f07b5144d175248e2c8788857c96.zip gcc-e9f2c6d260e3f07b5144d175248e2c8788857c96.tar.gz gcc-e9f2c6d260e3f07b5144d175248e2c8788857c96.tar.bz2

SECURITY.txt: Drop "exploitable" in reference to hardening issues

The "exploitable vulnerability" may lead to a misunderstanding that missed hardening issues are considered vulnerabilities, just that they're not exploitable. This is not true, since while hardening bugs may be security-relevant, the absence of hardening does not make a program any more vulnerable to exploits than without. Drop the "exploitable" word to make it clear that missed hardening is not considered a vulnerability. Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org> ChangeLog: * SECURITY.txt: Drop "exploitable" in the hardening section.

Diffstat (limited to 'gcc/tree-vect-loop.cc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: