Package: linux
Version: 3.14.13-2
Severity: wishlist
Hi,
the Linux kernel in Debian is currently not protected against stack attacks:
$ grep STACKPROTECTOR /boot/config-3.14-2-amd64
CONFIG_HAVE_CC_STACKPROTECTOR=y
# CONFIG_CC_STACKPROTECTOR is not set
CONFIG_CC_STACKPROTECTOR_NONE=y
#
Package: nfs-utils
Version: 1:1.2.8-7
Severity: wishlist
Hi,
a lot of bugs have been fixed upstream, see:
https://www.kernel.org/pub/linux/utils/nfs-utils/1.2.9/1.2.9-Changelog
https://www.kernel.org/pub/linux/utils/nfs-utils/1.3.0/1.3.0-Changelog
So could you please update the nfs-utils
Package: linux
Version: 3.14.13-2
Severity: wishlist
Hi,
the Linux kernel in Debian does currently not use this option:
$ grep CONFIG_DEBUG_STRICT_USER_COPY_CHECKS /boot/config-3.14-*
/boot/config-3.14-2-686-pae:# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is
not set
/boot/config-3.14-2-amd64:#
Package: nfs-common
Version: 1:1.2.8-7
Severity: wishlist
Hi,
according to the checksec.sh script, binaries provided by nfs-utils
are not compiled with all available hardening features:
RELRO STACK CANARY NXPIE RPATH
RUNPATH FILE
No RELRO
Package: src:linux
Version: 3.14.13-2
Severity: important
Dear Maintainer,
I am getting kernel oopses with the 3.14 series. Using 3.2 was ok,
modulo some major visual glitches in certain applications (e.g. gdm3)
that were accompanied by messages in the kernel log saying something
about the
Package: src:linux
Version: 3.14.13-2
Severity: important
Dear Maintainer,
After upgrading from linux-image-3.12 I have lost HDMI connection to my video
projector. Now, when I turn on projector with X Windows running, system is
frozen and I must reboot.
If I don't turn on projector, system
Processing control commands:
tag -1 moreinfo
Bug #756904 [linux] linux: please enable CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
Added tag(s) moreinfo.
--
756904: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756904
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To
Control: tag -1 moreinfo
On Sun, 2014-08-03 at 13:14 +0200, Laurent Bonnaud wrote:
Package: linux
Version: 3.14.13-2
Severity: wishlist
Hi,
the Linux kernel in Debian does currently not use this option:
$ grep CONFIG_DEBUG_STRICT_USER_COPY_CHECKS /boot/config-3.14-*
Processing control commands:
severity -1 important
Bug #756898 [linux] linux: please protect the kernel against stack attacks
Severity set to 'important' from 'wishlist'
tag -1 confirmed
Bug #756898 [linux] linux: please protect the kernel against stack attacks
Added tag(s) confirmed.
--
Control: severity -1 important
Control: tag -1 confirmed
On Sun, 2014-08-03 at 11:42 +0200, Laurent Bonnaud wrote:
Package: linux
Version: 3.14.13-2
Severity: wishlist
Hi,
the Linux kernel in Debian is currently not protected against stack attacks:
$ grep STACKPROTECTOR
After much stuffing around I managed to get a stack trace related to
the change near the problem:
Aug 4 06:20:13 azza kernel: [ 12.680555] end_request: I/O error,
dev sr1, sector 0
Aug 4 06:20:13 azza kernel: [ 12.685541] sr 6:0:0:0: [sr1]
Unhandled sense code
Aug 4 06:20:13 azza kernel:
Package: src:linux
Version: 3.14.13-2
Severity: normal
File: /boot/vmlinuz-3.14-2-amd64
I was peacefully transferring a big file to my external USB harddisk
formatted with btrfs, when the kernel brutally lashed out with the BUG
below, preventing all further access to the disk:
--
On Tue, Jun 03, 2014 at 07:49:08PM +0200, maximilian attems wrote:
thank you very much, pushed out to initramfs repo:
http://anonscm.debian.org/gitweb/?p=kernel/initramfs-tools.git
will upload soonish.
Hi. It's two months later and people (e.g. me!) are being bitten by
this bug when
13 matches
Mail list logo