Hello, I am compiling gplflash 0.4.13 on a dual-core AMD64 system. It compiles fine, but when it goes to install, it give me this exact error: QA Notice: the following files contain insecure RUNPATH's Please file a bug about this at http://bugs.gentoo.org/ For more information on this issue, kindly review: http://bugs.gentoo.org/81745 /var/tmp/portage/gplflash-0.4.13/work/gplflash-0.4.13/lib/.libs opt/netscape/plugins/libnpflash.so Thanks! Reproducible: Always Steps to Reproduce: 1.emerge gplflash (version 0.4.13) (may have to be done on AMD64) 2. 3. Actual Results: during installation of files, recieved this error: QA Notice: the following files contain insecure RUNPATH's Please file a bug about this at http://bugs.gentoo.org/ For more information on this issue, kindly review: http://bugs.gentoo.org/81745 /var/tmp/portage/gplflash-0.4.13/work/gplflash-0.4.13/lib/.libs opt/netscape/plugins/libnpflash.so Expected Results: successfully installed the gplflash ebuild Portage 2.0.53 (default-linux/amd64/2005.1, gcc-3.4.4, glibc-2.3.5-r3, 2.6.15-rc4 x86_64) ================================================================= System uname: 2.6.15-rc4 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ Gentoo Base System version 1.12.0_pre11 dev-lang/python: 2.3.5, 2.4.2 sys-apps/sandbox: 1.2.15 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.20-r1 virtual/os-headers: 2.6.11-r3 ACCEPT_KEYWORDS="amd64 ~amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=athlon64 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" MAKEOPTS="-j5" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="amd64 X a52 aac acpi alsa audiofile avi berkdb bitmap-fonts bmp bonobo bzip2 cdparanoia cdr crypt cups dri dts dv dvd dvdr dvdread eds emboss encode esd exif expat fam fbcon ffmpeg flac foomaticdb fortran ftp gif glut gnome gpm gstreamer gtk gtk2 hal idn ieee1394 imlib ipv6 joystick jpeg kde lcms lzw lzw-tiff mad mikmod mime mng mozilla mp3 mpeg ncurses nls ogg openal opengl pam pcre pdflib perl png posix python qt quicktime readline samba scanner sdl spell ssl svg tcpd theora tiff truetype truetype-fonts type1-fonts udev unicode usb userlocales v4l vcd videos vorbis xine xml xml2 xmms xpm xv yahoo zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
gplflash's build system has wicked broken autotool handling ... in this case, they decided to override the default install target by copying the temp .so file to the install path (which was built with -rpath) should be fixed in gplflash-0.4.13-r1
*** Bug 115835 has been marked as a duplicate of this bug. ***
Any hint if this would also affect < 0.4.13 ?
no idea, but it'd prob be best if we punted the older versions anyways
Then we should test and mark 0.4.13-r1 stable.
I have epiphany-1.6.4, mozilla-1.7.12-r2, and mozilla-firefox-1.0.7 installed and all of them fail to detect and use the gplflash-0.4.13-r1 plugin when I install it.
same here on amd64, firefox can't find the plugin. however, i tried the latest stable (0.4.10-r3) and apparently it is safe, so there is no need to speed up stablization IMHO
OK so let's consider this only affects the recent ~ version and close the security bug. Feel free to open a separate bug or to reassign this one if you want to solve the "0.4.13-r1 sucks" issue...
and do not forget to close.