Package: librados2 Version: 0.80.7-2 Severity: normal # execstack /usr/lib/x86_64-linux-gnu/librados.so.2 X /usr/lib/x86_64-linux-gnu/librados.so.2
librados currently requests an executable stack. It would be ideal if it didn't request such access so that programs such as /usr/bin/qemu-system-i386 that link against it are less vulnerable to stack based attacks. Does librados even need an executable stack? In a quick test it appeared to work without it. -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages librados2 depends on: ii libboost-system1.55.0 1.55.0+dfsg-3 ii libboost-thread1.55.0 1.55.0+dfsg-3 ii libc6 2.19-18 ii libgcc1 1:4.9.2-10 ii libnspr4 2:4.10.7-1 ii libnss3 2:3.17.2-1.1 ii libstdc++6 4.9.2-10 ii libuuid1 2.25.2-6 ii multiarch-support 2.19-18 librados2 recommends no packages. librados2 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org