+++ This bug was initially created as a clone of Bug #337736 +++

JIT requires executable stack pages, and any process performing JavaScript on hardened kernels will need to run with PAX_MPROTECT disabled. This may allow easier code execution exploits to work (without the need for pure ret2libc-style stack preparations, which are harder). Apart from that, the JIT itself can be vulnerable.

-- p.labushev@gmail.com
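Added example, not part of the original report or of the attached patch: a C probe that checks whether the running kernel lets a process hold memory that is both writable and executable, which is what a JIT asks for and what policies such as PAX_MPROTECT withhold. It assumes Linux with `/proc/self/maps` available; the function names are illustrative, and the probe only maps and unmaps pages without executing anything in them.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#define LEN  4096  /* lengths are rounded up to the real page size by the kernel */
#define ANON (MAP_PRIVATE | MAP_ANONYMOUS)
/* Copy the permission field (e.g. "rw-p") of the mapping that contains addr. */
static int perms_at(const void *addr, char perms[5])
{
    static char line[4608];
    unsigned long lo, hi, a = (unsigned long)addr;
    FILE *f = fopen("/proc/self/maps", "r");
    int found = 0;
    while (f && !found && fgets(line, sizeof line, f))
        found = sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && lo <= a && a < hi;
    if (f) fclose(f);
    return found;
}

/* 1: page is really writable+executable; 0: refused or exec bit dropped; -1: unknown */
int probe_wx_map(void)
{
    char perms[5] = "";
    void *p = mmap(NULL, LEN, PROT_READ | PROT_WRITE | PROT_EXEC, ANON, -1, 0);
    if (p == MAP_FAILED) return 0;
    int r = perms_at(p, perms) ? (perms[1] == 'w' && perms[2] == 'x') : -1;
    munmap(p, LEN);
    return r;
}

/* 1: a writable page could be switched to executable; 0: refused; -1: unknown */
int probe_rw_to_rx(void)
{
    void *p = mmap(NULL, LEN, PROT_READ | PROT_WRITE, ANON, -1, 0);
    if (p == MAP_FAILED) return -1;
    int r = mprotect(p, LEN, PROT_READ | PROT_EXEC) == 0; /* nothing is executed */
    munmap(p, LEN);
    return r;
}

const char *verdict(int wx, int flip)
{
    if (wx < 0 || flip < 0) return "unknown";
    return (!wx && !flip) ? "enforced" : (wx && flip) ? "not enforced" : "partial";
}

int main(void)
{
    int wx = probe_wx_map(), flip = probe_rw_to_rx();
    return printf("W+X mmap=%d, RW->RX mprotect=%d: %s\n", wx, flip, verdict(wx, flip)) < 0;
}
```

A result of "enforced" means a JIT-enabled build would fail to obtain its code pages in this process unless the restriction is lifted for that binary, which is the trade-off the report is about.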
Created attachment 248218: Patch using IUSE+jit and configure option to disable jit
Committed. Once again, thanks Dillon for the patch :)