On 21/08/19 00:24, Rich Brown wrote:
On Aug 20, 2019, at 5:32 PM, Rosen Penev <[email protected]
<mailto:[email protected]>> wrote:
... Issues are more nuanced than this though. These same people
several months ago mentioned a serious ASLR weakness with MIPS.
Patches went in the kernel for it.
Does this mean that snapshot builds (with current kernels) now protect
against that MIPS vulnerability? What about the stable builds?
ASLR is not enabled on OpenWrt (as I said in a mail a few seconds ago)
so any vulnerability in ASLR is irrelevant.
What statements/assertions can we make about whether these are used to
create release or snapshot builds? Thanks to all who can contribute info.
In my other message I pointed to the source of the build system with the
default options for various stuff.
The same hardening options are used for both release and snapshot
releases afaik.
They differ only in default package selection (and on source version
used of course)
-Alberto
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
