On i386 systems, /usr/lib/libgdk_pixbuf.so.2.0.0 and /usr/lib/libgdk_pixbuf_xlib.so.2.0.0 are erroneously marked as requiring an executable stack. This is because they use several assembler source files that do not contain a .note.GNU-stack section indicating that an executable stack is unnecessary. As a result, any application which links to these libraries has an executable stack. This is a security risk. This can be fixed by either: a) adding appropriate .note.GNU-stack sections to each assembler file b) linking with the "-z noexecstack" option or c) running "execstack -c" on the final library Attached is a patch to the .spec which implements option C.
Created attachment 110407 [details] Patch against the RPM .spec to mark libraries as noexecstack