Bug#301135: libc6: libacl/libcrypto/libasound all have PT_GNU_STACK enabled on them in glibc 2.3.4-1
- To: GOTO Masanori <email@example.com>
- Cc: Brad Spengler <firstname.lastname@example.org>, email@example.com, Daniel Jacobowitz <firstname.lastname@example.org>
- Subject: Bug#301135: libc6: libacl/libcrypto/libasound all have PT_GNU_STACK enabled on them in glibc 2.3.4-1
- From: Zoran Dzelajlija <email@example.com>
- Date: Wed, 17 Aug 2005 03:06:12 +0200
- Message-id: <[🔎] 20050817010612.GA21424@islands.iskon.hr>
- Reply-to: Zoran Dzelajlija <firstname.lastname@example.org>, email@example.com
- In-reply-to: <firstname.lastname@example.org>
- References: <200503232310.j2NNAilf022493@mayinga.bucknell.edu> <20050323234156.GA26329@nevyn.them.org> <20050323234839.GA6643@grsecurity.net> <20050324050443.GB911@nevyn.them.org> <20050324130414.GA25680@grsecurity.net> <20050324135906.GA22953@nevyn.them.org> <20050324144426.GA5915@grsecurity.net> <20050324153820.GA28255@nevyn.them.org> <email@example.com>
Quoting GOTO Masanori (firstname.lastname@example.org):
> At Thu, 24 Mar 2005 10:38:20 -0500,
> Daniel Jacobowitz wrote:
> > > Is there someone else that is more concerned with fixing problems than
> > > being an asshole that I can talk to about this problem?
> > If you aren't interested in being civil, I'm certainly not interested
> > in helping you. You haven't given a convincing reason for glibc to
> > change, only for the applications to be fixed. Have you filed bugs on
> > the affected libraries?
> I also wonder why this bug is submitted into glibc package.
Well, for one thing, upgrading libc6 triggers the breakage on
unrelated, already installed packages - and there's a lot of those
linked to eg. libssl-0.9.7.so. BTW. looks like there are some patches
which mitigate this issue, see eg. the libc6 build in this
deb http://debian.linux-systeme.com unstable main
(I haven't taken a good look at the diff, but the changelog says
* Add PaX support.
which is what I need. ;-)
> If it's not glibc bug, this report does not make any sense - because
> maintainers of such problematic library merely read this list. If you
> don't think it's glibc bug, could you reassign it to the appropriate
> packages? If you don't know how to reassign bugs, please let me know.
It seems reasonable to include some global workaround until all these
broken library packages get fixed, since the breakage appears to have
wide effects on the affected systems. Since there is a workaround in
glibc available, maybe it's better to leave a copy of the bug here,
perhaps for you to examine the patch and see if it would be a good idea
to apply it?
Apart from that, your suggestion is to (duplicate and) reassign to
libacl1, libssl0.9.7 etc?
I know things are expected to break in unstable, however I'm puzzled
that this issue is still opened after 5 months.