Hi Stephan, On 2025-10-15 07:38, Stephan Verbücheln wrote: > According to the Trixie release notes, Debian 13 has introduced > hardening against ROP attacks using Intel CET (Control-flow Enforcement > Technology, and similar technologies on other CPUs). > > https://www.debian.org/releases/stable/release-notes/whats-new.html#hardening-against-rop-and-cop-jop-attacks-on-amd64-and-arm64 > > However, when I check with fwupdmgr, it says: “Not supported” > > > fwupdmgr security > [...] > > HSI-3 > > ✔ CET Platform: Supported > [...] > > Runtime Suffix -! > > ✘ CET OS Support: Not supported
There is still some work to be done, at least on the glibc side, as Guillem mentioned here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114518 ciao, ema
