[Pkg-gnupg-maint] Bug#527630: built with needless executable stack

Kees Cook kees at debian.org
Fri May 8 15:37:13 UTC 2009


Package: gnupg
Version: 1.4.9-4
Severity: normal
Tags: patch, security
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch

Hello!

gnupg is built with an executable stack, which is not needed and can lead
to security problems if a flaw is found that allows an attacker to fill
stack memory with executable code on ia32.

Attached patch adds the configure option to enable this protection.  This
is also being tracked in Ubuntu as:
https://bugs.edge.launchpad.net/bugs/49323

Thanks,

-Kees

-- 
Kees Cook                                            @debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg-nonexec.patch
Type: text/x-diff
Size: 707 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20090508/a7d9a49d/attachment.patch>


More information about the Pkg-gnupg-maint mailing list