[gentoo-commits] proj/gentoo-news:master commit in: 2014/2014-06-15-gcc48_ssp/

Sun, 15 Jun 2014 19:01:23 -0700 

commit:     553b96bad5e649776b9a20397e6abcfea38f4133
Author:     Ryan Hill <rhill <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 16 01:59:59 2014 +0000
Commit:     Ryan Hill <dirtyepic <AT> gentoo <DOT> org>
CommitDate: Mon Jun 16 01:59:59 2014 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/gentoo-news.git;a=commit;h=553b96ba

News item for GCC 4.8.3.

---
 .../2014-06-15-gcc48_ssp.en.txt                    | 34 ++++++++++++++++++++++
 .../2014-06-15-gcc48_ssp.en.txt.asc                | 11 +++++++
 2 files changed, 45 insertions(+)

diff --git a/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt 
b/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt
new file mode 100644
index 0000000..a0d1deb
--- /dev/null
+++ b/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt
@@ -0,0 +1,34 @@
+Title: GCC 4.8.3 defaults to -fstack-protector
+Author: Ryan Hill <rh...@gentoo.org>
+Content-Type: text/plain
+Posted: 2014-06-15
+Revision: 1
+News-Item-Format: 1.0
+Display-If-Installed: >=sys-devel/gcc-4.8.3
+Display-If-Keyword: amd64
+Display-If-Keyword: arm
+Display-If-Keyword: mips
+Display-If-Keyword: ppc
+Display-If-Keyword: ppc64
+Display-If-Keyword: x86
+
+Beginning with GCC 4.8.3, Stack Smashing Protection (SSP) will be
+enabled by default.  The 4.8 series will enable -fstack-protector
+while 4.9 and later enable -fstack-protector-strong.
+
+SSP is a security feature that attempts to mitigate stack-based buffer
+overflows by placing a canary value on the stack after the function
+return pointer and checking for that value before the function returns.
+If a buffer overflow occurs and the canary value is overwritten, the
+program aborts.
+
+There is a small performance cost to these features.  They can be
+disabled with -fno-stack-protector.
+
+For more information these options, refer to the GCC Manual, or the
+following articles.
+
+http://en.wikipedia.org/wiki/Buffer_overflow_protection
+http://en.wikipedia.org/wiki/Stack_buffer_overflow
+https://securityblog.redhat.com/tag/stack-protector
+http://www.outflux.net/blog/archives/2014/01/27/fstack-protector-strong

diff --git a/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt.asc 
b/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt.asc
new file mode 100644
index 0000000..ef32608
--- /dev/null
+++ b/2014/2014-06-15-gcc48_ssp/2014-06-15-gcc48_ssp.en.txt.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0
+
+iQEcBAABCgAGBQJTnk9/AAoJEO04vUmVeoRj+AQIAKw0ZEJj6MFBw8lPSenkspGX
+XmlijZKVvV0i+LpCV6/XA+AUfV8j8DvzYiamtD1NmmZp7iT8gbsqGZxN5UiBBUtG
+4BDi7nmC/kJsR+7az/Ey6w2kUbijCfJu1fmx7wjoTWBcHQyLJEUakMG6mfc50BOg
+dUSuZl+K/FMfyB6Y4SuPPtCtFyWGru8Pol0HsQQ1rS76QHZN4cdHrwFQzEovQChw
+S2OPaqgHRs+HjIs55P7PceXARYsM7ppgjxOa//cCZA9HepOPmqk6wMYFs3yafkK7
+cssCq6aLVlsaiBVMXth60MN7GEtkI6aVBpnuU8Fe5Uzehr3W99zDc//dOBrrfMY=
+=JuHk
+-----END PGP SIGNATURE-----

Reply via email to