Our great sponsors
-
llvm-project
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
advisory-database
This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA) (by psf)
> Take for example CVE-2022-21658 (https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html) in Rust, related to a filesystem API. It's true, this was a CVE in Rust and not a CVE in C++, but only because C++ doesn't regard the issue as a problem at all.
That just plain wrong. Just simply wrong. And I hope it is not a lie done on purpose.
The C++ community acknowledge the issue as soon as the Rust one posted the problem and issued a fix which is already deployed with major compilers [^1] [^2]
It does not have a CVE associated since the issue was spotted within Rust stdlib first.
This is this exact kind of FUD and zealotism that makes people hate the Rust community. I wish the community mature a bit on this aspect.
[^1]: https://github.com/gcc-mirror/gcc/commit/ebf6175464768983a2d...
[^2]: https://github.com/llvm/llvm-project/commit/4f67a909902d8ab9...
> Take for example CVE-2022-21658 (https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html) in Rust, related to a filesystem API. It's true, this was a CVE in Rust and not a CVE in C++, but only because C++ doesn't regard the issue as a problem at all.
That just plain wrong. Just simply wrong. And I hope it is not a lie done on purpose.
The C++ community acknowledge the issue as soon as the Rust one posted the problem and issued a fix which is already deployed with major compilers [^1] [^2]
It does not have a CVE associated since the issue was spotted within Rust stdlib first.
This is this exact kind of FUD and zealotism that makes people hate the Rust community. I wish the community mature a bit on this aspect.
[^1]: https://github.com/gcc-mirror/gcc/commit/ebf6175464768983a2d...
[^2]: https://github.com/llvm/llvm-project/commit/4f67a909902d8ab9...
https://github.com/hsutter/cppfront
But his side project at Microsoft didn't gain traction with gcc, clang, etc and everybody else in the industry. So at this point, the C++ committee will be perceived as "so far behind" ... because there's nothing for them to vote on.
In my understanding, no. I believe it was bpo-4489 [1], and I couldn't find a matching advisory from the PSF's database [2] which should contain all historical advisories as well.
[1] https://github.com/python/cpython/issues/48739
[2] https://github.com/psf/advisory-database/
In my understanding, no. I believe it was bpo-4489 [1], and I couldn't find a matching advisory from the PSF's database [2] which should contain all historical advisories as well.
[1] https://github.com/python/cpython/issues/48739
[2] https://github.com/psf/advisory-database/
Fil-C sounds like an amazing project!
Do you have any guesses on whether it could easily target WebAssembly?
link: https://github.com/pizlonator/llvm-project-deluge/blob/delug...