[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#887875: libqt5webenginecore5: libQt5WebEngineCore.so.5.9.2 claims to need an executable stack

On Monday, 2 December 2019 6:08:27 AM AEDT Dmitry Shachnev wrote:
> reassign 944971 libqt5webenginecore5
> merge 887875 944971
> fixed 887875 qtwebengine-opensource-src/5.12.4+dfsg-1
> thanks
> 
> Hi,
> 
> On Sun, Jan 21, 2018 at 10:10:57PM +1100, Russell Coker wrote:
> > $ execstack -q /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2
> > X /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2
> > 
> > The shared object is listed as requiring an executable stack.  This
> > weakens
> > the security of every application that uses it.
> 
> This was fixed upstream in [1], which was applied in Qt 5.12.4.
> So this bug is now fixed in testing.
> 
> Do you want a fix for Buster?

It would be nice to have so that the various schemes that change executable 
actions based on shared object flags could all be more restrictive and thus 
protect programs that use the library.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/
Reply to: