[hardening-discuss] Bug#666451: Please enabled hardened build flags
Steven Chamberlain
steven at pyro.eu.org
Fri Mar 30 21:20:57 UTC 2012
Package: src:polipo
Version: 1.0.4.1-1.1
Severity: important
Tags: patch
User: hardening-discuss at lists.alioth.debian.org
Usertags: goal-hardening
X-Debbugs-CC: hardening-discuss at lists.alioth.debian.org
Hi,
Please enable security hardening build flags for polipo.
Since it handles untrusted data (HTTP responses) from the network, and
has been affected by a number of potential security issues in past years
relating to its handling of those, it seems like an ideal candidate for
the Wheezy security hardening release goal (hence severity: important):
http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
For me, the attached diff seemed sufficient. There were no issues
compiling it. I'm running a rebuilt, hardened polipo binary now and
there are no obvious new problems.
Thanks,
Regards,
--
Steven Chamberlain
steven at pyro.eu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: polipo-hardening.patch
Type: text/x-patch
Size: 396 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20120330/4e4ffdab/attachment.bin>