2216763 – Change Proposal Name Changes/LIBFFI_34_static_trampolines

Bug 2216763 - Change Proposal Name Changes/LIBFFI_34_static_trampolines

Summary: Change Proposal Name Changes/LIBFFI_34_static_trampolines

Keywords:
Status:	MODIFIED
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Changes Tracking
Sub Component:
Version:	39
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	DJ Delorie
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	F39Changes
TreeView+	depends on / blocked

Reported:	2023-06-22 13:37 UTC by Aoife Moloney
Modified:	2023-08-16 08:29 UTC (History)
CC List:	2 users (show)
Fixed In Version:	libffi-3.4.4-3.fc39
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Aoife Moloney 2023-06-22 13:37:07 UTC

This is a tracking bug for Change: Change Proposal Name Changes/LIBFFI_34_static_trampolines
For more details, see: https://fedoraproject.org/wiki/Changes/LIBFFI34_static_trampolines

Libffi is currently configured to use dynamic trampolines, which require some source of memory which is both writable and executable.  This is an obvious security issue, and selinux and system defaults have made it more and more difficult to safely provide this memory to libffi clients.  With this change, libffi will be configured to use static trampolines, which do not require such memory, and will not pose those security and administrative risks.

If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.

Note You need to log in before you can comment on or make changes to this bug.