Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#43229 - [festival] missing RELRO / SSP because CFLAGS/LDFLAGS are not respected
Attached to Project:
Arch Linux
Opened by Daniel Micay (thestinger) - Friday, 26 December 2014, 06:38 GMT
Last edited by Jelle van der Waa (jelly) - Thursday, 01 June 2023, 20:31 GMT
Opened by Daniel Micay (thestinger) - Friday, 26 December 2014, 06:38 GMT
Last edited by Jelle van der Waa (jelly) - Thursday, 01 June 2023, 20:31 GMT
|
DetailsAll of the executables are missing RELRO because the build system doesn't respect LDFLAGS. This can be solved either by modifying the build system or by adding makedepends=(hardening-wrapper).
Many of the executable are also missing stack canaries, but when I rebuild it the problem fixes itself. Perhaps it was built without -fstack-protector-strong in the makepkg configuration? |
This task depends upon
Closed by Jelle van der Waa (jelly)
Thursday, 01 June 2023, 20:31 GMT
Reason for closing: Implemented
Additional comments about closing: festival-2.5.0-5-x86_64.pkg.tar.zst
Thursday, 01 June 2023, 20:31 GMT
Reason for closing: Implemented
Additional comments about closing: festival-2.5.0-5-x86_64.pkg.tar.zst
Comment by Doug Newgard (Scimmia) -
Friday, 26 December 2014, 14:28 GMT
- Field changed: Status (Unconfirmed → Assigned)
- Task assigned to Andreas Radke (AndyRTR), Eric Belanger (Snowman)
Orphan, assigning to last two packagers.
Comment by loqs (loqs) -
Tuesday, 29 September 2020, 13:50 GMT
- Field changed: Percent Complete (100% → 0%)
The hardening-wrapper was in festival 2.4-1 https://github.com/archlinux/svntogit-packages/commit/28fd9dbcd3cd3594f052f20969d85898a0a232aa http://sprunge.us/Zn0es1 contains the output of namcap festival-2.5.0-4-x86_64.pkg.tar.zst
Comment by loqs (loqs) -
Tuesday, 29 September 2020, 15:20 GMT
The attached PKGBUILD.diff fixes RELRO. MAKE_SHARED_LIB may be better changed using a patch.
PKGBUILD.diff
(0.8 KiB)