On Thu, 26 Feb 2009, Vincent Lefevre wrote:
> After a buffer overflow has been found (and fixed) in the
> mpfr_snprintf and mpfr_vsnprintf functions of MPFR 2.4.0,
> it has been decided to release MPFR 2.4.1 immediately.
> It is available for download from the MPFR web site:
>
> http://www.mpfr.org/mpfr-2.4.1/
>
> Changes from version 2.4.0 to version 2.4.1:
> - Security fix in mpfr_snprintf and mpfr_vsnprintf (buffer overflow).
Hi Vincent,
Thanks for the note. I grep'ed the gcc sources and I don't see any uses
of mpfr_snprintf or mpfr_vsnprintf. So I don't believe any change in the
minimum mpfr version checks (either "required" version or "recommended"
version) is necessary in gcc due to this issue in mpfr.
Thanks,
--Kaveh
