> The problem is that it's important for anything doing networking, any
> executable with setuid/setcap/setgid and anything run by users on
> untrusted input like image viewers, text editors and tools like file and
> strings. If `python` or `ruby` isn't PIE, then it's trivial to exploit
> heap buff
On Thu, 18 Dec 2014 18:31:57 -0500
Daniel Micay wrote:
> Arch's single biggest security weakness is that it's not benefiting
> from address space layout randomization (ASLR). Fixing this issue
> would be a major step towards being a leader in this area. Many
> distributions enable ASLR, stack prot
=== Signoff report for [testing] ===
https://www.archlinux.org/packages/signoffs/
There are currently:
* 0 new packages in last 24 hours
* 0 known bad packages
* 0 packages not accepting signoffs
* 3 fully signed off packages
* 25 packages missing signoffs
* 0 packages older than 14 days
(Note: t
3 matches
Mail list logo
