Red Hat Bugzilla – Bug 983622
no hardening build
Last modified: 2015-03-03 18:06:58 EST
udisksd 14589 Partial RELRO Canary found NX enabled No PIE
* no "FULL RELRO"
* no PIE
udisksd is a long living process running even as root
If your package meets any of the following criteria you MUST enable the PIE compiler flags:
Your package is long running. This means it's likely to be started and keep running until the machine is rebooted, not start on demand and quit on idle.
Your package has suid binaries, or binaries with capabilities.
Your package runs as root.
If your package meets the following criteria you should consider enabling the PIE compiler flags:
Your package accepts/processes untrusted input.
udisks2-2.0.1-3.fc18 has been submitted as an update for Fedora 18.
I've used the %global _hardened_build macro, hope it's sufficient for a hardened build. In F19 and rawhide packages a different approach has been used due to previous issues with the macro.
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing udisks2-2.0.1-3.fc18'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
udisks2-2.0.1-3.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.