[sage-devel] Security weakness CWE-1077: Floating Point Comparison with Incorrect Operator

[Georgi Guninski]

Since there was discussion about RealField, comparing floats for
equality is considered security vulnerability:

https://cwe.mitre.org/data/definitions/1077.html

Numeric calculation using floating point values can generate imprecise
results because of rounding errors. As a result, two different
calculations might generate numbers that are mathematically equal, but
have slightly different bit representations that do not translate to
the same mathematically-equal values. As a result, an equality test or
other comparison might produce unexpected results.

This issue can prevent the product from running reliably. If the
relevant code is reachable by an attacker, then this reliability
problem might introduce a vulnerability.

-- 
You received this message because you are subscribed to the Google Groups 
"sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to sage-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/sage-devel/CAGUWgD8qR%2BA-P711-x8Mf9UQV5Oa-o64Q9GBQhU7y9puYCj8Fg%40mail.gmail.com.

[sage-devel] web site from cocalc but in our domain

[Frédéric Chapoton]

Hello,

I have recently found:
https://sage.sagemath.org/
which seems to be advertisment for cocalc.

Is this something we allowed ?
Frédéric

-- 
You received this message because you are subscribed to the Google Groups 
"sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to sage-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/sage-devel/e241fb17-113d-4345-b931-c413827eda98n%40googlegroups.com.