Summary: | app-pda/pilot-link contains insecure RUNPATH's | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthew Baker <m> |
Component: | Runpath Issues | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | andrew, dldudley, gottlieb, matt, moixa, nils, pda, perl, slestak989 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3? [ebuild needpatch] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 81745 | ||
Attachments: | pilot-link ebuild log |
Description
Matthew Baker
2005-12-04 05:10:37 UTC
Created attachment 74040 [details]
pilot-link ebuild log
Ccing PDA herd to check that we are affected with current Perl stable, which may fix it. more likely a perl issue ... (In reply to comment #3) > more likely a perl issue ... > Since so far all of these bugs are cropping up on perl 5.8.7 boxes, going to tend to agree here. Investigating - these may all have a root cause (another bug in this list would be the PerlQt bug, number escapes me right now) (In reply to comment #4) > Since so far all of these bugs are cropping up on perl 5.8.7 boxes, I have this problem on a x86 box w perl-5.8.6-r8 as well. I also have the same problem with building net-snmp on x86. I have perl V5.8.6 installed. Check if you have ExtUtils-MakeMaker installed. If so, unmerge and try pilot-link again. (In reply to comment #7) > Check if you have ExtUtils-MakeMaker installed. > If so, unmerge and try pilot-link again. I do not have it installed and get the bug * perl-core/ExtUtils-MakeMaker Latest version available: 6.21-r1 Latest version installed: [ Not Installed ] * dev-lang/perl Latest version available: 5.8.7-r3 Latest version installed: 5.8.7-r3 samr problem here: x86_64 perl=5.8.6-r5 pilot-link-0.11.8-r1 i don't have ExtUtils-MakeMaker and running "perlcleaner all" didn't help pilot-link-0.11.8 has a different error: 067751 /usr/lib/gcc/x86_64-pc-linux-gnu/3.4.3/../../../../x86_64-pc-linux-gnu/bin/ld: /var/tmp/portage/pilot-link-0.11.8/temp/ccyQzRrO.o: relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC 067752 /var/tmp/portage/pilot-link-0.11.8/temp/ccyQzRrO.o: could not read symbols: Bad value 067753 collect2: ld returned 1 exit status 067754 make[3]: *** [java_lib] Error 1 067755 make[3]: Leaving directory `/var/tmp/portage/pilot-link-0.11.8/work/pilot-link-0.11.8/bindings/Java' 067756 make[2]: *** [all-recursive] Error 1 067757 make[2]: Leaving directory `/var/tmp/portage/pilot-link-0.11.8/work/pilot-link-0.11.8/bindings' 067758 make[1]: *** [all-recursive] Error 1 067759 make[1]: Leaving directory `/var/tmp/portage/pilot-link-0.11.8/work/pilot-link-0.11.8' 067760 make: *** [all-recursive-am] Error 2 067761 067762 !!! ERROR: app-pda/pilot-link-0.11.8 failed. 067763 !!! Function src_compile, Line 57, Exitcode 2 067764 !!! (no error message) ... but emerging pilot-link-0.11.8 with -java brings back the insecure binaries error. ... and emerging pilot-link 0.11.8-r1 using -perl +java +tcltk +python +png +readline allowed me to emerge gnome-pilot-2.0.10-r1, then evolution-2.4.2.1 with +pda and now it works. well, the M100 and gnome-pilot-settings recognised each other, which is good enough for me. This look likes it has been fixed, is this correct? yeah... i've just tried it again same result. i guess you could close this by calling it an AMD_64 perl bug. (In reply to comment #13) > yeah... > i've just tried it again same result. > > i guess you could close this by calling it an AMD_64 perl bug. > I don't think it is just AMD_64, I still the bug with x86 and [ebuild R ] app-pda/pilot-link-0.11.8 +java* -minimal +perl +png +python +readline +tcltk 0 kB Actually I think the 'fix' for this came in during perl fixes for rpaths (both in 5.8.7 and 5.8.8). Not so much an intentional fix as a broad sweeping fix...yeah, that sounds competent... Can this one be closed? (In reply to comment #16) > Can this one be closed? > emerge app-pda/pilot-link works after update to perl 5.8.8 k *** Bug 125835 has been marked as a duplicate of this bug. *** *** Bug 126280 has been marked as a duplicate of this bug. *** |