On Sun, 2015-05-10 at 13:03 +1000, Russell Coker wrote: > Package: librados2 > Version: 0.80.7-2 > Severity: normal > > # execstack /usr/lib/x86_64-linux-gnu/librados.so.2 > X /usr/lib/x86_64-linux-gnu/librados.so.2 > > librados currently requests an executable stack. It would be ideal if it > didn't request such access so that programs such as /usr/bin/qemu-system-i386 > that link against it are less vulnerable to stack based attacks. > > Does librados even need an executable stack? In a quick test it appeared to > work without it. >
Hi, it does not need the executable stack and the issue was fixed upstream in a later ceph release (0.80.8). -Boris > -- System Information: > Debian Release: 8.0 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) > Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages librados2 depends on: > ii libboost-system1.55.0 1.55.0+dfsg-3 > ii libboost-thread1.55.0 1.55.0+dfsg-3 > ii libc6 2.19-18 > ii libgcc1 1:4.9.2-10 > ii libnspr4 2:4.10.7-1 > ii libnss3 2:3.17.2-1.1 > ii libstdc++6 4.9.2-10 > ii libuuid1 2.25.2-6 > ii multiarch-support 2.19-18 > > librados2 recommends no packages. > > librados2 suggests no packages. > > -- no debconf information > _______________________________________________ > Ceph-maintainers mailing list > [email protected] > http://lists.ceph.com/listinfo.cgi/ceph-maintainers-ceph.com -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
