Public bug reported:
Ubuntu 11.10 added hardening options to totem, bug Ubuntu 12.04 and
12.10 lost PIE and BIND_NOW. These are important compiler hardening
features that help protect users from malicious content.
This can be seen with the hardening check command:
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-video-thumbnailer:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-audio-preview:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/lib/totem/totem-plugin-viewer:
Position Independent Executable: no, normal executable!
Immediate binding: no, not found!
(the stack-protector check can be ignored since it depends on the code
having certain characteristics).
** Affects: totem (Ubuntu)
Importance: Undecided
Status: New
** Affects: totem (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: totem (Ubuntu Quantal)
Importance: Undecided
Status: New
** Tags: regression-release
** Also affects: totem (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: totem (Ubuntu Quantal)
Importance: Undecided
Status: New
** Tags added: regression-release
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to totem in Ubuntu.
https://bugs.launchpad.net/bugs/1039604
Title:
Please re-enable PIE and BIND_NOW
Status in “totem” package in Ubuntu:
New
Status in “totem” source package in Precise:
New
Status in “totem” source package in Quantal:
New
Bug description:
Ubuntu 11.10 added hardening options to totem, bug Ubuntu 12.04 and
12.10 lost PIE and BIND_NOW. These are important compiler hardening
features that help protect users from malicious content.
This can be seen with the hardening check command:
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-video-thumbnailer:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem-audio-preview:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/bin/totem:
Position Independent Executable: no, normal executable!
Stack protected: no, not found! (ignored)
Immediate binding: no, not found!
/tmp/built-binaries-74x5kX/totem/usr/lib/totem/totem-plugin-viewer:
Position Independent Executable: no, normal executable!
Immediate binding: no, not found!
(the stack-protector check can be ignored since it depends on the code
having certain characteristics).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/totem/+bug/1039604/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
