Bug#613535: /usr/lib/libSDL-1.2.so.0: executable stack is falsely requested for /usr/lib/libSDL-1.2.so.0

Russell Coker russell at coker.com.au
Tue Feb 15 14:14:16 UTC 2011 

Package: libsdl1.2debian-alsa
Version: 1.2.14-6.1
Severity: important
File: /usr/lib/libSDL-1.2.so.0

# execstack -q /usr/lib/libSDL-1.2.so.0
X /usr/lib/libSDL-1.2.so.0

The shared object /usr/lib/libSDL-1.2.so.0 claims to need an executable stack.

When I rebuilt this package from source without making any changes it didn't
claim to need an executable stack.  So presumably this problem is due to some
assembler issue.

Could the next squeeze update please include a rebuilt copy of this for i386
to solve this bug?  The current situation weakens the security of every
application that links against this library for no good reason.

-- System Information:
Debian Release: 6.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-xen-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsdl1.2debian-alsa depends on:
ii  libasound2                    1.0.23-2.1 shared library for ALSA 
applicatio
ii  libc6                         2.11.2-10  Embedded GNU C Library: Shared 
lib
ii  libdirectfb-1.2-9             1.2.10.0-4 direct frame buffer graphics - 
sha
ii  libsvga1                      1:1.4.3-29 console SVGA display libraries

libsdl1.2debian-alsa recommends no packages.

libsdl1.2debian-alsa suggests no packages.

-- no debconf information

More information about the Pkg-sdl-maintainers mailing list