1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-29 17:10:48 +00:00
nixpkgs/pkgs/development/libraries/glibc
Franz Pletz 3ba99f83a7
glibc: enable stackprotection hardening
Enables previously manually disabled stackprotector and stackguard
randomization.

From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511811:

    If glibc is built with the --enable-stackguard-randomization option,
    each application gets a random canary value (at runtime) from /dev/urandom.
    If --enable-stackguard-randomization is absent, applications get a static
    canary value of "0xff0a0000". This is very unfortunate, because the
    attacker may be able to bypass the stack protection mechanism, by placing
    those 4 bytes in the canary word, before the actual canary check is
    performed (for example in memcpy-based buffer overflows).
2016-09-12 02:36:11 +02:00
..
common.nix glibc: enable stackprotection hardening 2016-09-12 02:36:11 +02:00
default.nix glibc: enable stackprotection hardening 2016-09-12 02:36:11 +02:00
dont-use-system-ld-so-cache.patch glibc: update 2.20 -> 2.21, including security fixes 2015-03-03 11:31:01 +01:00
dont-use-system-ld-so-preload.patch glibc: Update to 2.20 2014-10-29 17:54:47 +01:00
fix_path_attribute_in_getconf.patch glibc/2.19 -> glibc 2014-10-29 13:42:59 +01:00
glibc-crypt-blowfish.patch glibc/2.19 -> glibc 2014-10-29 13:42:59 +01:00
glibc-remove-datetime-from-nscd.patch glibc: improve nscd version check after e316672dcb 2014-11-11 11:06:57 +01:00
info.nix Merge master into closure-size 2016-03-08 09:58:19 +01:00
locales-builder.sh glibc/2.19 -> glibc 2014-10-29 13:42:59 +01:00
locales.nix Merge master into closure-size 2016-03-08 09:58:19 +01:00
multi.nix glibc_multi: Reference dev outputs of glibc 2016-08-30 15:18:51 +03:00
nix-locale-archive.patch glibc: fixed a warning caused by nix-locale-archive.patch 2015-05-15 11:14:50 +02:00
rpcgen-path.patch glibc/2.19 -> glibc 2014-10-29 13:42:59 +01:00