Bug#613761: gnome-control-center: build with security hardening enabled via hardening-wrapper

Kees Cook kees at debian.org
Thu Feb 17 01:09:11 UTC 2011


Package: gnome-control-center
Version: 1:2.30.1-1
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch

Hi,

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/{control{,.in},rules}: enable PIE build for security hardening
    of font thumbnailer.

The goal is to make the font thumbnailer more resistant to potential attack
from 3rd party fonts that may contain intentionally malicious corruption, etc.

Thanks for considering the patch.

-Kees


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty
  APT policy: (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-3-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmp4RZYj7
Type: text/x-diff
Size: 1401 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20110216/ea9be612/attachment.diff>


More information about the pkg-gnome-maintainers mailing list