Debian Bug report logs -
#547644
[mupen64plus] Don't enable executable stack
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Tobias Loose <TobiasLoose@gmx.de>:
Bug#547644; Package mupen64plus.
(Mon, 21 Sep 2009 11:06:37 GMT) (full text, mbox, link).
Acknowledgement sent
to Peter Fritzsche <peter.fritzsche@gmx.de>:
New Bug report received and forwarded. Copy sent to Tobias Loose <TobiasLoose@gmx.de>.
(Mon, 21 Sep 2009 11:06:37 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: mupen64plus
Version: 1.5+dfsg1-4
Severity: normal
Please don't enable executable stack as this disables an important security
feature on many platforms if a flaw is found that allows an attacker to fill
stack memory with executable code.
--- Package information. ---
Depends (Version) | Installed
====================================-+-=================
libbz2-1.0 | 1.0.5-3
libc6 (>= 2.3) | 2.9-26
libfreetype6 (>= 2.2.1) | 2.3.9-5
libgcc1 (>= 1:4.1.1) | 1:4.4.1-4
libgl1-mesa-glx | 7.5.1-1
OR libgl1 |
libglib2.0-0 (>= 2.16.0) | 2.21.6-1
libglu1-mesa | 7.5.1-1
OR libglu1 |
libgtk2.0-0 (>= 2.12.0) | 2.17.11-1
liblzma0 (>= 4.999.7beta) | 4.999.8beta-1
libpango1.0-0 (>= 1.14.0) | 1.24.5-1
libpng12-0 (>= 1.2.13-4) | 1.2.39-1
libsamplerate0 | 0.1.7-2
libsdl-ttf2.0-0 | 2.0.9-1
libsdl1.2debian (>= 1.2.10-1) | 1.2.13-4+b1
libstdc++6 (>= 4.2.1) | 4.4.1-4
libxdg-basedir1 | 1.0.2-1
zlib1g (>= 1:1.1.4) | 1:1.2.3.3.dfsg-15
ttf-dejavu-core | 2.30-1
Information forwarded
to debian-bugs-dist@lists.debian.org, Tobias Loose <TobiasLoose@gmx.de>:
Bug#547644; Package mupen64plus.
(Mon, 21 Sep 2009 11:42:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Sven Eckelmann <sven.eckelmann@gmx.de>:
Extra info received and forwarded to list. Copy sent to Tobias Loose <TobiasLoose@gmx.de>.
(Mon, 21 Sep 2009 11:42:06 GMT) (full text, mbox, link).
Message #10 received at 547644@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
tags 547644 + pending
forwarded 547644 http://code.google.com/p/mupen64plus/issues/detail?id=268
thanks
> Please don't enable executable stack as this disables an important security
> feature on many platforms if a flaw is found that allows an attacker to
> fill stack memory with executable code.
Thanks. I will address this issue when uploading the version with xz support
(#543552).
You can view the change in
http://git.debian.org/?p=collab-maint/mupen64plus.git;a=commit;h=d482a63ba8e47e01b8b8a87e622a4bd806f348c1
Before:
# scanelf -e /usr/games/mupen64plus
TYPE STK/REL/PTL FILE
ET_EXEC RWX --- RW- /usr/games/mupen64plus
After
# scanelf -e ./mupen64plus
TYPE STK/REL/PTL FILE
ET_EXEC RW- --- RW- ./mupen64plus
Best regards,
Sven
[signature.asc (application/pgp-signature, inline)]
Added tag(s) pending.
Request was from Sven Eckelmann <sven.eckelmann@gmx.de>
to control@bugs.debian.org.
(Mon, 21 Sep 2009 11:42:07 GMT) (full text, mbox, link).
Reply sent
to Sven Eckelmann <sven.eckelmann@gmx.de>:
You have taken responsibility.
(Mon, 28 Sep 2009 23:18:11 GMT) (full text, mbox, link).
Notification sent
to Peter Fritzsche <peter.fritzsche@gmx.de>:
Bug acknowledged by developer.
(Mon, 28 Sep 2009 23:18:11 GMT) (full text, mbox, link).
Message #19 received at 547644-close@bugs.debian.org (full text, mbox, reply):
Source: mupen64plus
Source-Version: 1.5+dfsg1-5
We believe that the bug you reported is fixed in the latest version of
mupen64plus, which is due to be installed in the Debian FTP archive:
mupen64plus-dbg_1.5+dfsg1-5_amd64.deb
to pool/main/m/mupen64plus/mupen64plus-dbg_1.5+dfsg1-5_amd64.deb
mupen64plus_1.5+dfsg1-5.diff.gz
to pool/main/m/mupen64plus/mupen64plus_1.5+dfsg1-5.diff.gz
mupen64plus_1.5+dfsg1-5.dsc
to pool/main/m/mupen64plus/mupen64plus_1.5+dfsg1-5.dsc
mupen64plus_1.5+dfsg1-5_amd64.deb
to pool/main/m/mupen64plus/mupen64plus_1.5+dfsg1-5_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 547644@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sven Eckelmann <sven.eckelmann@gmx.de> (supplier of updated mupen64plus package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 28 Sep 2009 15:23:17 +0200
Source: mupen64plus
Binary: mupen64plus mupen64plus-dbg
Architecture: source amd64
Version: 1.5+dfsg1-5
Distribution: unstable
Urgency: low
Maintainer: Tobias Loose <TobiasLoose@gmx.de>
Changed-By: Sven Eckelmann <sven.eckelmann@gmx.de>
Description:
mupen64plus - plugin-based Nintendo 64 emulator
mupen64plus-dbg - mupen64plus debug symbols package
Closes: 546046 547644
Changes:
mupen64plus (1.5+dfsg1-5) unstable; urgency=low
.
* debian/patches:
- Change to dep3 patch tagging guidelines
- Remove number before patches as order is given by debian/patches/series
- Add gtk-open-filter.patch, Show files with .n64 and .v64 extension in
filtered open file dialog (Closes: #546046)
- Add noexecstack.patch, Don't enable executable stack by default
(Closes: #547644)
- Add fix_readpng.patch, Fix crash when loading png due to reordering
optimizer
- Add jttl_fix_romclosed.patch, Stop audio processing thread before freeing
buffers to fix segfault during stop of emulation
- Add rice_nodebug.patch, Don't enable excessive debug functionality in
rice_video
- Add interpreter_x86_fldcw.patch, Correctly set floating point control word
- Add load-fpr-location.patch, Set register bank location when loading
savestate
Checksums-Sha1:
c6c1dd66bc64d38b8cf601ca927bd2a79c8a4b92 1548 mupen64plus_1.5+dfsg1-5.dsc
6b9d4d425887eb5f3920c6ad48ff58b5fc86350e 55209 mupen64plus_1.5+dfsg1-5.diff.gz
f45fca0eeb589a3043247c52d5cba682c6cb0b82 1424822 mupen64plus_1.5+dfsg1-5_amd64.deb
2ec560a181dc3f8fb534109ffcdc84addd1f2cc9 1955852 mupen64plus-dbg_1.5+dfsg1-5_amd64.deb
Checksums-Sha256:
7c0b4d7fee136efb21ff15a8526d4de72dba0cdc84e75bdb7f23a6c9db70feaf 1548 mupen64plus_1.5+dfsg1-5.dsc
01ca100f65efca231df25cf3955b7162432ec43a33c564b32324c116559215d5 55209 mupen64plus_1.5+dfsg1-5.diff.gz
7c1ce97e44d815e79a4af6356eebbe143a7be0d5302363cf849a9865bc323f18 1424822 mupen64plus_1.5+dfsg1-5_amd64.deb
18d3d505dc1e4352451c1e6eb5bb3f06223e467b89a05511f890611e4fa45bd7 1955852 mupen64plus-dbg_1.5+dfsg1-5_amd64.deb
Files:
ec02d552dda4a2555d78f6f1aeb3adce 1548 games optional mupen64plus_1.5+dfsg1-5.dsc
b2c3dee48fc8e928db3b3ea4aebae552 55209 games optional mupen64plus_1.5+dfsg1-5.diff.gz
18365dd1495dfde9bf5fc09df9941894 1424822 games optional mupen64plus_1.5+dfsg1-5_amd64.deb
41be9c23f1d4bcbfc9aa9e7bbacb51b4 1955852 debug extra mupen64plus-dbg_1.5+dfsg1-5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEUEARECAAYFAkrBGKUACgkQB01zfu119Zn5jwCgvCOwon/7a8LDiPAUH1wIMOEi
JLQAlj6z/AKSR3WMszoVNLrABaw6Lc4=
=qMCc
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Fri, 20 Nov 2009 07:30:30 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sun Jul 2 14:32:19 2023;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.