Fix released for Edgy a while ago, but none for dapper, so I've attached
a debdiff between libgcrypt11_1.2.2-1 and libgcrypt11_1.2.2-1.1, with
1.1 adding a non-executable stack.
This is marked for dapper-updates. It helps security, but does not fix
any vulnerability. It helps security on both x8
Closing per reporter on IRC.
** Changed in: libgcrypt11 (Ubuntu)
Status: Unconfirmed => Fix Released
--
libgcrypt11 has an executable stack
https://launchpad.net/bugs/49192
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
I have reported the bug to upstream, with the proper assembly fixes.
Their initial response said to use --enable-noexecstack, which adds
-Wa,noexecstack to the compile flags; I have stressed the importance of
patching the assembly files directly (which is more portable), no idea
if they're going to
