GccSsp
|
Size: 1380
Comment: more pending tests
|
Size: 1382
Comment: udpate
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 40: | Line 40: |
| || postgresql-8.1 || ok on amd64/edgy, fail in sid/i386 due to obscure linking problem || | || postgresql-8.1 || ok on edgy, fail in sid due to linking problem || |
| Line 43: | Line 43: |
| || glib2.0 || || || gtk+2.0 || || || glibc || || |
|| glib2.0 || ok || || gtk+2.0 || ok || || glibc || FTBFS with SSP || |
Launchpad Entry: https://launchpad.net/distros/ubuntu/+spec/gcc-ssp
Created: 2006-06-14 by MartinPitt
Contributors: MartinPitt
Packages affected: many
Summary
gcc 4.1 comes with SSP now, which is a nice technology to mitigate exploitability of many buffer overflows. This greatly enhances security in the time between publication of a vulnerability and the USN.
Edgy is a good opportunity to try it out for some particular packages and provide a parallel test archive with SSP enabled by default, so that we can thoroughly test it. If all goes well, we should enable it by default in edgy+1.
Rationale
Use cases
Scope
Design
Implementation
Code
Data preservation and migration
Outstanding issues
BoF agenda and discussion
Field research
The following dapper packages have been tested with SSP enabled (built with gcc-4.1 and -fstack-protector under edgy):
perl |
ok |
python |
ok |
apache2 |
ok |
php5 |
ok |
postgresql-8.1 |
ok on edgy, fail in sid due to linking problem |
firefox |
FTBFS with gcc 4.1 |
mysql-dfsg-5.0 |
FTBFS with gcc 4.1 |
glib2.0 |
ok |
gtk+2.0 |
ok |
glibc |
FTBFS with SSP |
GccSsp (last edited 2008-08-06 16:19:12 by localhost)