Package: mingw-w64 Version: 6.0.0-3 Severity: important Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=19011 Tags: upstream patch
According to <URL: https://security-tracker.debian.org/tracker/CVE-2018-5392 >, the issue is unsolved in Debian, thus I create this issue to track the status. The problem at hand is that mingw-w64 fail to create binaries with a working ASLR security feature, even when asked to do so. Packages that might be affected are listed on <URL: https://lintian.debian.org/tags/portable-executable-missing-security-features.html >. According to two upstream issues, <URL: https://sourceware.org/bugzilla/show_bug.cgi?id=17321 > and <URL: https://sourceware.org/bugzilla/show_bug.cgi?id=19011 >, the problem was fixed in januar 2020. Is the issue also fixed in Debian? I picked the version in stable as the starting point, but suspect the problem also exist in earier versions. -- Happy hacking Petter Reinholdtsen
