[Pkg-gnupg-maint] Bug#527630: built with needless executable stack
Kees Cook
kees at debian.org
Fri May 8 15:37:13 UTC 2009
Package: gnupg
Version: 1.4.9-4
Severity: normal
Tags: patch, security
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch
Hello!
gnupg is built with an executable stack, which is not needed and can lead
to security problems if a flaw is found that allows an attacker to fill
stack memory with executable code on ia32.
Attached patch adds the configure option to enable this protection. This
is also being tracked in Ubuntu as:
https://bugs.edge.launchpad.net/bugs/49323
Thanks,
-Kees
--
Kees Cook @debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg-nonexec.patch
Type: text/x-diff
Size: 707 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20090508/a7d9a49d/attachment.patch>
More information about the Pkg-gnupg-maint
mailing list