[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#887875: libqt5webenginecore5: libQt5WebEngineCore.so.5.9.2 claims to need an executable stack

Package: libqt5webenginecore5
Version: 5.9.2+dfsg-2
Severity: normal

$ execstack -q /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2
X /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2

The shared object is listed as requiring an executable stack.  This weakens
the security of every application that uses it.

# execstack -c /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2

After running the above command kmail (which uses that shared object) works
correctly.  I have SE Linux set to not permit executable stack so it wouldn't
run with the flag set in the header.  The fact that it runs now means that
at least the basic operations of this shared object don't need an executable
stack.

-- System Information:
Debian Release: buster/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: default

Versions of packages libqt5webenginecore5 depends on:
ii  libasound2                       1.1.3-5
ii  libavcodec57                     7:3.4.1-1+b1
ii  libavformat57                    7:3.4.1-1+b1
ii  libavutil55                      7:3.4.1-1+b1
ii  libc6                            2.26-4
ii  libdbus-1-3                      1.12.2-1
ii  libevent-2.1-6                   2.1.8-stable-4
ii  libexpat1                        2.2.5-3
ii  libfontconfig1                   2.12.6-0.1
ii  libfreetype6                     2.8.1-1
ii  libgcc1                          1:7.2.0-19
ii  libglib2.0-0                     2.54.3-1
ii  libharfbuzz0b                    1.7.2-1
ii  libicu57                         57.1-8
ii  libjpeg62-turbo                  1:1.5.2-2+b1
ii  liblcms2-2                       2.9-1
ii  libminizip1                      1.1-8+b1
ii  libnspr4                         2:4.16-1+b1
ii  libnss3                          2:3.34.1-1
ii  libopus0                         1.2.1-1
ii  libpng16-16                      1.6.34-1
ii  libqt5core5a [qtbase-abi-5-9-2]  5.9.2+dfsg-6
ii  libqt5gui5                       5.9.2+dfsg-6
ii  libqt5network5                   5.9.2+dfsg-6
ii  libqt5positioning5               5.9.2+dfsg-3
ii  libqt5quick5                     5.9.2-3
ii  libqt5webchannel5                5.9.2-3
ii  libqt5webengine-data             5.9.2+dfsg-2
ii  libre2-3                         20170101+dfsg-1
ii  libsnappy1v5                     1.1.7-1
ii  libstdc++6                       7.2.0-19
ii  libwebp6                         0.6.0-4
ii  libwebpdemux2                    0.6.0-4
ii  libx11-6                         2:1.6.4-3
ii  libx11-xcb1                      2:1.6.4-3
ii  libxcb1                          1.12-1
ii  libxcomposite1                   1:0.4.4-2
ii  libxcursor1                      1:1.1.15-1
ii  libxdamage1                      1:1.1.4-3
ii  libxext6                         2:1.3.3-1+b2
ii  libxfixes3                       1:5.0.3-1
ii  libxi6                           2:1.7.9-1
ii  libxml2                          2.9.4+dfsg1-6.1
ii  libxrender1                      1:0.9.10-1
ii  libxslt1.1                       1.1.29-5
ii  libxss1                          1:1.2.2-1+b2
ii  libxtst6                         2:1.2.3-1
ii  zlib1g                           1:1.2.8.dfsg-5

libqt5webenginecore5 recommends no packages.

libqt5webenginecore5 suggests no packages.

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2 (from libqt5webenginecore5:amd64 package)
Reply to: