> So I think I will enable "-fno-stack-protector" in the package
> for now.
Hi,
I'm quite concerned about this fix. Were you able to determine 100%
that the problem was caused a bug in the stack protector? If not, this
should be regarded as a genuine buffer overflow and disabling the stack
protector is not the correct solution. This could be a serious
vulnerability especially given that fso-deviced runs as root. You
mentioned that building without -O2 works so it could well be a bug in
the optimiser. A safer solution would be to reduce the optimisation
level to -O1 but if that still causes a buffer overflow then the
optimiser should be disabled completely.
Thanks,
David
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
