Bug#1103173: nmu: rebuild without executable stack

Mon, 14 Apr 2025 14:04:08 -0700 

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: binnmu

Dear release team,

Starting with version 2.44-2, binutils defaults to a non-executable
stack in an absence of the .note.GNU-stack ELF note (which defines if
the stack needs to be executable or not).

As part of the glibc 2.41 transition, I scanned the whole archive to
find libraries and executables with an executable stack. Some of them
are fixable by a simple binNMU. The rebuild is NOT needed for
compatibility with glibc 2.41, but that's less potential security
issues, and IMHO that's less surprises in case a rebuild is need at a
later point (e.g. security upload).

Here is the list in wb format:

nmu angelscript_2.35.1+ds-3.1 . ANY . unstable . -m "Rebuild without executable 
stack" --extra-depends "binutils (>= 2.44-2)"
nmu care_2.2.1-1 . amd64 armel armhf i386 x32 . unstable . -m "Rebuild without 
executable stack" --extra-depends "binutils (>= 2.44-2)"
nmu dssp_4.4.10-1 . ANY . unstable . -m "Rebuild without executable stack" 
--extra-depends "binutils (>= 2.44-2)"
nmu fasm_1.73.32-1 . amd64 i386 . -m "Rebuild without executable stack" 
--extra-depends "binutils (>= 2.44-2)"
nmu ikarus_0.0.3+bzr.2010.01.26+bap.1-1  . amd64 i386 . -m "Rebuild without 
executable stack" --extra-depends "binutils (>= 2.44-2)"
nmu jsusfx_0.4.0-6 . ANY . unstable . -m "Rebuild without executable stack" 
--extra-depends "binutils (>= 2.44-2)"
nmu proot_5.1.0-1.3 . amd64 arm64 armel armhf i386 . unstable . -m "Rebuild 
without executable stack" --extra-depends "binutils (>= 2.44-2)"
nmu smlsharp_4.1.0-1 . amd64 . unstable . -m "Rebuild without executable stack" 
--extra-depends "binutils (>= 2.44-2)"
nmu tinymembench_0.4+git20231218+ds-2 . ANY . unstable . -m "Rebuild without 
executable stack" --extra-depends "binutils (>= 2.44-2)"
nmu zfs-fuse_0.7.0-30  . amd64 armel armhf i386 powerpc ppc64 ppc64el sparc64 . 
unstable . -m "Rebuild without executable stack" --extra-depends "binutils (>= 
2.44-2)"

Please feel free to schedule them or just close this bug in case you
do not really see the added value of rebuilding those.

Regards
Aurelien

Reply via email to