subject:"Bug#1023562\: dpkg\-buildflags\: hardening\: add stack clash protection"

Bug#1023562: dpkg-buildflags: hardening: add stack clash protection

2022-11-11 Thread Guillem Jover

Control: forcemerge 918914 -1

Hi!

On Sun, 2022-11-06 at 19:23:21 +0100, Christian Göttsche wrote:
> Package: dpkg-dev
> Version: 1.21.9
> Tags: security

> Please consider to add stack clash protection to the hardening
> options. The related flag, `-fstack-clash-protection`, is supported by
> GCC since version 8 and Clang since version 10 (x86 only).
> More details on the functionality iself:
> https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3
> https://blog.llvm.org/posts/2021-01-05-stack-clash-protection/

This was already filed, but there were some concerns and no one drove
this per the usual procedure to enable new flags. Merging.

Thanks,
Guillem

Bug#1023562: dpkg-buildflags: hardening: add stack clash protection

2022-11-06 Thread Christian Göttsche

Package: dpkg-dev
Version: 1.21.9
Tags: security

Please consider to add stack clash protection to the hardening
options. The related flag, `-fstack-clash-protection`, is supported by
GCC since version 8 and Clang since version 10 (x86 only).
More details on the functionality iself:
https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3
https://blog.llvm.org/posts/2021-01-05-stack-clash-protection/

Bug#1023562: dpkg-buildflags: hardening: add stack clash protection

Bug#1023562: dpkg-buildflags: hardening: add stack clash protection

2 matches

Site Navigation

Mail list logo

Footer information