Niels Thykier <[email protected]> writes:
> Assuming you were using 2.5.11 for test, you may want to retry with
> 2.5.12. The latter did another false-positive -> false-negative
> trade-off (memset and memmove).
Looks like that won't help for libkopenafs1:
% hardening-check --verbose /usr/lib/libkopenafs.so.1
/usr/lib/libkopenafs.so.1:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: no, not found!
Fortify Source functions: no, only unprotected functions found!
unprotected: getgroups
Read-only relocations: yes
Immediate binding: yes
That's the one built with hardening-wrappers installed.
Also looks like that's not the issue for xml-security-c-utils:
% hardening-check --verbose xmlsec-xklient
xmlsec-xklient:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: no, only unprotected functions found!
unprotected: fread
Read-only relocations: yes
Immediate binding: yes
(Thanks for the note about --verbose!)
--
Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
