Public bug reported:
Ubuntu 11.10 added hardening options to totem, bug Ubuntu 12.04 and
12.10 lost PIE and BIND_NOW. These are important compiler hardening
features that help protect users from malicious content.
This can be seen with the hardening check command:
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-video-thumbnailer:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-audio-preview:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/lib/totem/totem-plugin-viewer:
Position Independent Executable: no, normal executable!
Immediate binding: no, not found!
(the stack-protector check can be ignored since it depends on the code
having certain characteristics).
** Affects: totem (Ubuntu)
Importance: Undecided
Status: New
** Affects: totem (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: totem (Ubuntu Quantal)
Importance: Undecided
Status: New
** Tags: regression-release
** Also affects: totem (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: totem (Ubuntu Quantal)
Importance: Undecided
Status: New
** Tags added: regression-release
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to totem in Ubuntu.
https://bugs.launchpad.net/bugs/1039604
Title:
Please re-enable PIE and BIND_NOW
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/totem/+bug/1039604/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
