Public bug reported:
nginx (1.4.6-1ubuntu3) is not being built with -fPIE -pie. I am running
ubuntu 14.04 LTS. I've included the output when scanning apache2 with
hardening-check just for comparison purposes.
$ hardening-check /usr/sbin/nginx
/usr/sbin/nginx:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no, not found!
$ dpkg -l | grep "nginx-core"
ii nginx-core 1.4.6-1ubuntu3
amd64 nginx web/proxy server (core version)
$ lsb_release -rd
Description: Ubuntu 14.04 LTS
Release: 14.04
$ hardening-check /usr/sbin/apache2
/usr/sbin/apache2:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: yes
** Affects: nginx (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nginx in Ubuntu.
https://bugs.launchpad.net/bugs/1315426
Title:
nginx not built as position independent
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1315426/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
