Bug#613763: totem: enable security hardening in build via hardening-wrapper

Sebastian Dröge slomo at circular-chaos.org
Thu Feb 17 08:09:21 UTC 2011


On Wed, 2011-02-16 at 17:15 -0800, Kees Cook wrote:
> Package: totem
> Version: 2.30.2-2
> Severity: normal
> Tags: patch
> User: ubuntu-devel at lists.ubuntu.com
> Usertags: origin-ubuntu natty ubuntu-patch
> 
> In Ubuntu, the attached patch was applied to achieve the following:
> 
>   * debian/{control{,.in},rules}: enable PIE build for security hardening.
> 
> Since totem deals with media files, it should be hardened against potential
> malicious attacks. This patch enables the hardening features in the toolchain.
> 
> Thanks for considering the patch.

Not sure how useful this is when applied to totem only. Totem uses other
libraries to handle with media files and playlists.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20110217/08a9e0d2/attachment.pgp>


More information about the pkg-gnome-maintainers mailing list