+++ This bug was initially created as a clone of Bug #338243 +++

+++ This bug was initially created as a clone of Bug #337736 +++

JIT requires executable stack pages, and any process performing JavaScript on hardened kernels will need to run with PAX_MPROTECT disabled. This may allow easier code execution exploits to work (without the need for pure ret2libc-style stack preparations, which are harder). Apart from that, the JIT itself can be vulnerable.

-- p.labushev@gmail.com
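An added example, not part of the original report or the attached patch: a small C audit helper that flags mappings that are both writable and executable in `/proc/<pid>/maps`-format text, which is the kind of mapping PAX_MPROTECT refuses to create. The sample maps text, the `/usr/bin/browser` path and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not captured from a real process). */
static const char *SAMPLE_MAPS =
    "00400000-0040b000 r-xp 00000000 08:01 131 /usr/bin/browser\n"
    "0060a000-0060b000 rw-p 0000a000 08:01 131 /usr/bin/browser\n"
    "7f3a10000000-7f3a10010000 rwxp 00000000 00:00 0 \n"
    "7ffd5c000000-7ffd5c021000 rwxp 00000000 00:00 0 [stack]\n"
    "7ffd5c1fe000-7ffd5c200000 r-xp 00000000 00:00 0 [vdso]\n";

/* Returns 1 if the maps line describes a mapping that is both writable and executable. */
int line_is_wx(const char *line)
{
    char perms[5] = {0};
    unsigned long start, end;
    if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3)
        return 0;                       /* not a well-formed maps line */
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Counts W+X mappings in maps-format text; *stack_wx is set to 1 if [stack] is one of them. */
int count_wx(const char *maps, int *stack_wx)
{
    int n = 0;
    *stack_wx = 0;
    while (*maps) {
        char line[512];
        size_t len = strcspn(maps, "\n");
        size_t copy = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, maps, copy);
        line[copy] = '\0';
        if (line_is_wx(line)) {
            n++;
            if (strstr(line, "[stack]")) *stack_wx = 1;
        }
        maps += len;
        if (*maps == '\n') maps++;      /* step over the line terminator */
    }
    return n;
}

int main(void)
{
    int stack_wx;
    int n = count_wx(SAMPLE_MAPS, &stack_wx);
    printf("%d W+X mapping(s), executable stack: %s\n", n, stack_wx ? "yes" : "no");
    return 0;
}
```

Feeding the function the contents of a real `/proc/<pid>/maps` for a process built with and without the JIT shows whether that build still needs PAX_MPROTECT relaxed.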
Created attachment 248222
Patch using IUSE+jit and configure option to disable jit
Committed. Thanks Dillon for the patch.