[Kolab-devel] OpenPKG gcc 4.1 security opportunity

Bernhard Reiter bernhard at intevation.de
Mon Aug 21 15:57:29 CEST 2006


Am Montag, 21. August 2006 10:24 schrieb Fabio Pietrosanti:
> i would like to suggest using the OpenPKG gcc 4.1 (instead of 4.0) that
> introduced the secure 'propolice' feature in the standard code.

That would mean to go to a newer OpenPKG version I guess,
which most people would not want for server 2.1.0, but for following versions.

> By compiling all software with propolice extension most stack based
> overflow are mitigated.
>
> More information on http://www.trl.ibm.com/projects/security/ssp/
>
> http://en.wikipedia.org/wiki/Stack-smashing_protection

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1310 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/devel/attachments/20060821/c6f5dc02/attachment.p7s>


More information about the devel mailing list