
FS#68674 - [io] package lacks FULL RELRO and contains dangerous RPATH's

Attached to Project: Community Packages
Opened by Jelle van der Waa (jelly) - Thursday, 19 November 2020, 20:55 GMT
Last edited by Alexander F. Rødseth (xyproto) - Wednesday, 25 November 2020, 19:10 GMT
Task Type: Bug Report
Category: Packages
Status: Closed
Assigned To: Alexander F. Rødseth (xyproto)
Architecture: All
Severity: Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 0
Private: No

Details

Description:

Building the package shows tons of namcap warnings, most importantly:

io W: ELF file ('usr/bin/io') lacks FULL RELRO, check LDFLAGS.
io W: ELF file ('usr/bin/io_static') lacks FULL RELRO, check LDFLAGS.

And insecure RPATHs:

io E: Insecure RPATH '/build/io/src/build/_build/dll' in file ('usr/lib/io/addons/AsyncRequest/_build/dll/libIoAsyncRequest.so')
io E: Insecure RPATH '/build/io/src/build/_build/dll' in file ('usr/lib/io/addons/BigNum/_build/dll/libIoBigNum.so')

Closed by Alexander F. Rødseth (xyproto)
Wednesday, 25 November 2020, 19:10 GMT
Reason for closing: Fixed
Comment by loqs (loqs) - Thursday, 19 November 2020, 22:38 GMT
The attached patch drops all RPATH use, adds FULL RELRO and removes executable stack.
Build tested only.
Comment by Alexander F. Rødseth (xyproto) - Monday, 23 November 2020, 13:41 GMT
Thanks for reporting. I'll look into this.
Comment by Alexander F. Rødseth (xyproto) - Wednesday, 25 November 2020, 15:24 GMT
When applying the suggested patch and rebuilding io, I get this error when starting io:

io: Relink `/usr/lib/libbasekit.so' with `/usr/lib/libm.so.6' for IFUNC symbol `ceil'
zsh: segmentation fault (core dumped) io

I'm in the process of trying to figure out why.
Comment by Alexander F. Rødseth (xyproto) - Wednesday, 25 November 2020, 19:09 GMT
I could not find any trick to make the dynamically linked io executable work. Ideas for how to make this work are warmly welcome.

For now, I'm installing the statically compiled `io` executable as `/usr/bin/io`. This works without any RELRO or RPATH issues.
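
Added example, not part of the original report and not namcap's own code: a small checker for the three properties discussed in this task (RELRO level, executable stack, RPATH/RUNPATH entries outside trusted directories), working on the text printed by `readelf -W -l -d FILE`. The function name `audit`, the `TRUSTED` list and both sample excerpts are assumptions made for this example.

```python
import re

# Assumption for this example: only these RPATH/RUNPATH entries count as trusted.
TRUSTED = ("/usr/lib", "/usr/lib32", "$ORIGIN", "${ORIGIN}")

def _trusted(entry):
    return any(entry == p or entry.startswith(p + "/") for p in TRUSTED)

def audit(readelf_text):
    """Classify the text printed by `readelf -W -l -d FILE` for one ELF object."""
    relro_segment = bind_now = exec_stack = False
    bad_paths = []
    for line in readelf_text.splitlines():
        tokens = line.split()
        if tokens[:1] == ["GNU_RELRO"]:
            relro_segment = True
        elif tokens[:1] == ["GNU_STACK"]:
            # -W keeps a header on one line: name, five hex fields, flags, align
            exec_stack = "E" in "".join(tokens[6:-1])
        tag = re.search(r"\((\w+)\)\s*(.*)", line)
        if not tag:
            continue
        name, value = tag.groups()
        if (name == "BIND_NOW" or (name == "FLAGS" and "BIND_NOW" in value)
                or (name == "FLAGS_1" and "NOW" in value.split())):
            bind_now = True  # immediate binding lets the loader make the GOT read-only
        elif name in ("RPATH", "RUNPATH"):
            listed = re.search(r"\[(.*)\]", value)
            entries = listed.group(1).split(":") if listed else []
            bad_paths += [e for e in entries if not _trusted(e)]
    relro = "full" if relro_segment and bind_now else "partial" if relro_segment else "none"
    return {"relro": relro, "exec_stack": exec_stack, "insecure_rpath": bad_paths}

# Constructed readelf excerpts (not captured from the real package); the RPATH
# value is the one quoted in the namcap output in the report.
SAMPLE_BEFORE = """\
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
  GNU_RELRO      0x002de8 0x0000000000003de8 0x0000000000003de8 0x000218 0x000218 R   0x1
 0x000000000000000f (RPATH)              Library rpath: [/build/io/src/build/_build/dll]
"""
SAMPLE_AFTER = """\
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
  GNU_RELRO      0x002de8 0x0000000000003de8 0x0000000000003de8 0x000218 0x000218 R   0x1
 0x000000000000001e (FLAGS)              BIND_NOW
 0x000000006ffffffb (FLAGS_1)            Flags: NOW
"""

if __name__ == "__main__":
    print(audit(SAMPLE_BEFORE), audit(SAMPLE_AFTER), sep="\n")
```

An RPATH that points into the build directory is flagged because the loader will search that path at run time, and on an installed system that directory is not controlled by the package.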
