Public bug reported: Ubuntu 11.10 added hardening options to totem, bug Ubuntu 12.04 and 12.10 lost PIE and BIND_NOW. These are important compiler hardening features that help protect users from malicious content.
This can be seen with the hardening check command: /tmp/built-binaries-74x5kX/totem/usr/bin/totem-video-thumbnailer: Position Independent Executable: no, normal executable! Stack protected: no, not found! (ignored) Immediate binding: no, not found! /tmp/built-binaries-74x5kX/totem/usr/bin/totem-audio-preview: Position Independent Executable: no, normal executable! Stack protected: no, not found! (ignored) Immediate binding: no, not found! /tmp/built-binaries-74x5kX/totem/usr/bin/totem: Position Independent Executable: no, normal executable! Stack protected: no, not found! (ignored) Immediate binding: no, not found! /tmp/built-binaries-74x5kX/totem/usr/lib/totem/totem-plugin-viewer: Position Independent Executable: no, normal executable! Immediate binding: no, not found! (the stack-protector check can be ignored since it depends on the code having certain characteristics). ** Affects: totem (Ubuntu) Importance: Undecided Status: New ** Affects: totem (Ubuntu Precise) Importance: Undecided Status: New ** Affects: totem (Ubuntu Quantal) Importance: Undecided Status: New ** Tags: regression-release ** Also affects: totem (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: totem (Ubuntu Quantal) Importance: Undecided Status: New ** Tags added: regression-release -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to totem in Ubuntu. https://bugs.launchpad.net/bugs/1039604 Title: Please re-enable PIE and BIND_NOW To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/totem/+bug/1039604/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs