cinelerra-cvs has some files that contains executable stacks. Reproducible: Always Steps to Reproduce: emerge -pv cinelerra-cvs [ebuild U ] media-video/cinelerra-cvs-20080301 [20080115] USE="alsa css esd ieee1394 opengl oss truetype (-3dnow) (-altivec) (-mmx) -static" emerge cinelerra-cvs Actual Results: * QA Notice: The following files contain executable stacks * Files with executable stacks will not work properly (or at all!) * on some architectures/operating systems. A bug should be filed * at http://bugs.gentoo.org/ to make sure the file is fixed. * For more information, see http://hardened.gentoo.org/gnu-stack.xml * Please include this file in your report: * /var/tmp/portage/media-video/cinelerra-cvs-20080301/temp/scanelf-execstack.l og * RWX --- --- usr/bin/cinelerra RWX --- --- usr/lib64/cinelerra/suv.so RWX --- --- usr/lib64/cinelerra/bluedottheme.so RWX --- --- usr/lib64/cinelerra/blondtheme.so Expected Results: No executable stacks. The requested log file will follow as attachment.
Created attachment 145751 [details] scanelf-execstack
emerge --info please...
emerge --info Portage 2.1.4.4 (default-linux/amd64/2007.0, gcc-4.2.3, glibc-2.7-r1, 2.6.24-gentoo-r3 x86_64) ================================================================= System uname: 2.6.24-gentoo-r3 x86_64 AMD Athlon(tm) 64 Processor 3500+ Timestamp of tree: Mon, 10 Mar 2008 16:17:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [enabled] app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.5 dev-lang/python: 2.5.1-r5 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.24 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/initng/daemon /etc/initng/net /etc/initng/system /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=athlon64 -O2 -pipe" DISTDIR="/home/ftp/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FEATURES="ccache collision-protect cvs distlocks elog java-strict metadata-transfer multilib-strict sandbox sfperms sign strict stricter unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="ftp://mirror.switch.ch/mirror/gentoo/ " LANG="it_IT.UTF-8" LC_ALL="it_IT.UTF-8" LINGUAS="it" PKGDIR="/home/ftp/packages" PORTAGE_COMPRESS="bzip2" PORTAGE_COMPRESS_FLAGS="-9" PORTAGE_RSYNC_EXTRA_OPTS=" --timeout=800 --progress " PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/overlays/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="3dnow 3dnowext 3ds 7zip X a52 aac acl acpi alsa amd64 amr aoss apache2 arts asf audiofile avahi bash-completion berkdb bl branding bzip2 cairo cal3d caps ccache cdb cddb cdparanoia cdr cg chroot cli cpudetection cracklib crypt css cups curl custom-cflags dbus devhelp dga directfb disk-partition djvu dmi dovecot-sasl dri dts dv dvd dvdr dvdread emerald encode epydoc erandom esd exif expat extrafilters fame ffmpeg firefox flac fltk foomaticdb fortran gd gdbm ggi gif gimp gimpprint glib glibc-omitfp glitz glut gmp gnokii gnome gnutls gphoto2 gpm graphviz gsm gtk gtkhtml guile hal hbci howl-compat iconv idn ieee1394 imagemagick imlib ipv6 isc isdnlog ithreads java javacomm javascript jbig jce jikes jpeg jpeg2k justify kde kdeenablefinal kdehiddenvisibility kqemu lcms ldap libcaca libnotify linuxthreads-tls lm_sensors logitech-mouse logrotate lzo mad mailwrapper matroska mbox mdb mhash midi mikmod mjpeg mmap mmx mmxext mng motif mozdevelop mp3 mpeg mpm-worker mppe-mppc msn mudflap musepack musicbrainz mysql ncurses nfs nls nptl nptlonly nsplugin numeric nvidia odbc ode offensive ofx ogg ogre on-the-fly-crypt openexr opengl openmp oss pam parport pch pcre pdf perl php png povray ppds pppd pulseaudio python qa qt3 qt3support qt4 quicktime quotes rdesktop readline reflection resolvconf restrict-javascript rtc samba scanner sdl session slang slp smime sndfile snmp speex spell spl sse sse2 ssl startup-notification subversion svg sysfs syslog tcltk tcpd test tetex tga theora threads tidy tiff timidity tk truetype unicode usb userlocales utempter v4l v4l2 vcd vda vorbis vorbis-psy wma wmf wmp xattr xcomposite xforms xine xinerama xml xorg xpm xprint xscreensaver xv xvid xvmc yv12 zeroconf zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="canon directory panasonic pccam300" ELIBC="glibc" FOO2ZJS_DEVICES="hp1005" INPUT_DEVICES="mouse evdev keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="it" USERLAND="GNU" VIDEO_CARDS="nvidia nv" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LDFLAGS, MAKEOPTS
Can you check with latest version? I can't see them on my system, though they may be arch-specific.
Same problem here with the latest version: $ eix cinelerra [I] media-video/cinelerra Available versions: (~)20080602 Installed versions: 20080602(11:14:31 PM 06/24/2008)(3dnow alsa css esd ieee1394 mmx opengl oss truetype -altivec -static) 'emerge --info' will follow as attachment. If 'scanelf-execstack.log' is needed, let me know, i will compile cinelerra again to get the file.
Created attachment 158327 [details] emerge --info
Confirmed, still present n latest version: emerge -pv cinelerra [ebuild N ] media-video/cinelerra-20080602 USE="3dnow alsa css esd ieee1394 mmx opengl oss truetype (-altivec) -static" 0 kB RWX --- --- usr/bin/cinelerra RWX --- --- usr/lib64/cinelerra/suv.so RWX --- --- usr/lib64/cinelerra/bluedottheme.so RWX --- --- usr/lib64/cinelerra/blondtheme.so # emerge --info Portage 2.2_rc1 (default/linux/amd64/2008.0/desktop, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.25-gentoo-r5 x86_64) ================================================================= System uname: Linux-2.6.25-gentoo-r5-x86_64-AMD_Athlon-tm-_64_Processor_3500+-with-glibc2.2.5 Timestamp of tree: Tue, 24 Jun 2008 18:06:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [disabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6 dev-lang/python: 2.5.2-r5 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.62 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r2 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.4 virtual/os-headers: 2.6.25-r4 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/4.0/env /usr/kde/4.0/share/config /usr/kde/4.0/shutdown /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/initng/daemon /etc/initng/net /etc/initng/system /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=athlon64 -O2 -pipe" DISTDIR="/home/ftp/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FEATURES="collision-protect cvs distlocks elog java-strict metadata-transfer multilib-strict parallel-fetch preserve-libs sandbox sfperms sign strict stricter unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="ftp://mirror.switch.ch/mirror/gentoo/ " LANG="it_IT.UTF-8" LC_ALL="it_IT.UTF-8" LDFLAGS="" LINGUAS="it" PKGDIR="/home/ftp/packages" PORTAGE_COMPRESS="bzip2" PORTAGE_COMPRESS_FLAGS="-9" PORTAGE_RSYNC_EXTRA_OPTS=" --timeout=800 --progress " PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/sunrise /usr/local/overlays/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext 3ds 7zip X a52 aac acl acpi alsa amd64 amr apache2 arts audiofile avahi bash-completion berkdb bl branding bzip2 cairo cal3d caps ccache cdb cddb cdparanoia cdr cg chroot cli cpudetection cracklib crypt css cups curl custom-cflags dbus devhelp dga directfb disk-partition djvu dmi dovecot-sasl dri dts dv dvd dvdr dvdread emboss emerald encode epydoc erandom esd evo exif expat extrafilters fam fame ffmpeg firefox flac fltk foomaticdb fortran gd gdbm ggi gif gimp glib glibc-omitfp glitz glut gmp gnokii gnome gnutls gphoto2 gpm graphviz gsm gstreamer gtk gtkhtml guile hal hbci howl-compat iconv idn ieee1394 imagemagick imlib ipv6 isc isdnlog ithreads java javacomm javascript jbig jce jikes jpeg jpeg2k justify kde kdeenablefinal kdehiddenvisibility kqemu lcms ldap libcaca libnotify linuxthreads-tls lm_sensors logitech-mouse logrotate lzo mad mailwrapper matroska mbox mdb mhash midi mikmod mjpeg mmap mmx mmxext mng motif mozdevelop mp3 mpeg mppe-mppc msn mudflap multilib musepack musicbrainz mysql ncurses nfs nls nptl nptlonly nsplugin numeric nvidia odbc ode offensive ofx ogg ogre openexr opengl openmp oss pam parport pch pcre pdf perl php png povray ppds pppd print pulseaudio python qa qt3 qt3support qt4 quicktime quotes rdesktop readline reflection resolvconf restrict-javascript rtc samba scanner sdl session slang slp smime sndfile snmp speex spell spl sse sse2 ssl startup-notification subversion svg sysfs syslog tcpd test tetex tga theora threads tidy tiff timidity tk truetype unicode usb userlocales utempter v4l v4l2 vcd vda vorbis vorbis-psy wma wmf wmp xattr xcomposite xforms xine xinerama xml xorg xpm xprint xscreensaver xulrunner xv xvid xvmc yv12 zeroconf zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="canon directory panasonic pccam300 " ELIBC="glibc" FOO2ZJS_DEVICES="hp1005 hpp1005" INPUT_DEVICES="mouse evdev keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="it" USERLAND="GNU" VIDEO_CARDS="nvidia nv" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, MAKEOPTS
How is 20101104 ?
* Messages for package media-video/cinelerra-20111223: * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * http://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see http://hardened.gentoo.org/gnu-stack.xml * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * RWX --- --- usr/bin/cinelerra * RWX --- --- usr/lib64/cinelerra/suv.so * RWX --- --- usr/lib64/cinelerra/bluedottheme.so * RWX --- --- usr/lib64/cinelerra/blondtheme.so
23 Dec 2011; Samuli Suominen <ssuominen@gentoo.org> + cinelerra-20111223.ebuild: + Link with -Wl,-z,noexecstack wrt #212959 by Sandro Bonazzola
*** Bug 395819 has been marked as a duplicate of this bug. ***
There is still this issue for me: amd64box ~ # qlop -s Sat Dec 24 13:30:30 2011 >>> rsync://140.211.166.189/gentoo-portage
(In reply to comment #12) > There is still this issue for me: > > > amd64box ~ # qlop -s > Sat Dec 24 13:30:30 2011 >>> rsync://140.211.166.189/gentoo-portage I doubt, it, bug 395819 is about older version and this is not a blocker for stabilization in any case
(In reply to comment #13) > I doubt, it, bug 395819 is about older version and this is not a blocker for > stabilization in any case What? bug 395819 is about media-video/cinelerra-20101104 and tha stabilization is about =media-video/cinelerra-20101104 , why is not a blocker?
