openjdk team mailing list archive

Thread
Date

[Bug 330713] Re: compiled with -fno-stack-protector and -U_FORTIFY_SOURCE

To: openjdk@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <330713@xxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Aug 2009 17:15:07 -0000
Reply-to: Bug 330713 <330713@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package openjdk-6 - 6b16-1.6~pre2-0ubuntu1

---------------
openjdk-6 (6b16-1.6~pre2-0ubuntu1) karmic; urgency=low

  * Update IcedTea from the 1.6 release branch:
    - Fix buffer overflow in debugger's socket handler (Kees Cook).
      https://bugs.openjdk.java.net/show_bug.cgi?id=100103. LP: #409736.
    - plugin fixes.
  * Move the pulseaudio recommendation to a suggestion, don't build-depend
    on pulseaudio.
  * Build for armv6 (on armel).

  [ Kees Cook ]
  * debian/rules: Re-enable fortification and stack protector
    (LP: #330713).
  * Adding stack markings to the x86 assembly for not using executable
    stack. LP: #419018.

 -- Matthias Klose <doko@xxxxxxxxxx>   Fri, 28 Aug 2009 18:51:34 +0200

** Changed in: openjdk-6 (Ubuntu)
       Status: Triaged => Fix Released

** Bug watch added: bugs.openjdk.java.net/ #100103
   https://bugs.openjdk.java.net/show_bug.cgi?id=100103

-- 
compiled with -fno-stack-protector and -U_FORTIFY_SOURCE
https://bugs.launchpad.net/bugs/330713
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in ubuntu.

Status in “openjdk-6” package in Ubuntu: Fix Released

Bug description:
The package should build with security protections enabled.

References

[Bug 330713] [NEW] compiled with -fno-stack-protector and -U_FORTIFY_SOURCE
From: Kees Cook, 2009-02-17