Bug#741439: mpv: Please enable all hardening options

Alessandro Ghedini ghedo at debian.org
Wed Mar 12 15:49:31 UTC 2014


Control: tags -1 pending

On Wed, Mar 12, 2014 at 02:38:47PM +0100, Simon Ruderich wrote:
> Package: mpv
> Version: 0.3.6-1
> Severity: normal
> Tags: patch
> 
> Hello,
> 
> As audio/movie player, mpv is vulnerable to exploits in the used
> libraries, which are common. PIE and bindnow provide additional
> hardening against those attacks. Please enable them by default.
> 
> The following patch enables all additional flags (PIE and
> bindnow) and enables a verbose build to detect missing flags:

Pushed to git, thanks! Note that we already pass "-v" to waf, so "V := 1" isn't
needed (and it doesn't work with waf anyway).

Cheers

-- 
perl -E '$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20140312/151f2164/attachment.sig>


More information about the pkg-multimedia-maintainers mailing list