Summary: | hardened x11-base xorg-server-1.5.2: stack smashing attack when alt key is pressed | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | karl <gmkarl> |
Component: | [OLD] Unspecified | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | gravydish, hardened, karimarie |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
emerge --info
emerge --info |
Description
karl
2008-10-25 18:21:44 UTC
Created attachment 169850 [details]
emerge --info
This bug also occurs in xorg-server-1.4.2. I imagine every version of xorg-server that uses the new ABI (1.4+) is probably affected by this bug. This is an old bug and is a problem with the old gcc 3.x ssp. I hit it a long time ago and the paxteam debugged it. gcc 4.2+ does not have this problem. Build xorg without the ssp. I can concur that this problem still exists in 1.5.3-r5 on a hardened 2008.0 build. Rebuilding xorg-server with the i686-pc-linux-gnu-3.4.6-hardenednossp compiler fixed the issue and X now runs without a hitch. If this is historic and well known, why isn't it in the Xorg 1.5 upgrade documentation? Created attachment 188496 [details]
emerge --info
Fixed in portage via filtering SSP for <GCC4. |