Versions Compared

Old Version 12

changes.mady.by.user Jeff Law

Saved on

compared with

New Version 13

changes.mady.by.user Jeff Law

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Page Properties


Development

Status
colourGreen
titleCOMPLETE


Development Timeline1H2024
Upstreaming

Status
colourYellow
titleNOT STARTED


Upstream Version

gcc-15 (target)

Spring 2025




Contacts

Raphael Zinsly (Ventana)

Jeff Law (Ventana)


Dependencies

None




Updates

 

  • Using Alexy's scanner 6421 packages out of >22000 packages with RISC-V binaries, DSOs and relocatable .o files are potentially vulnerable to stack clash attacks
  •  A gcc-14.1.1 with Raphael's stack clash mitigations is building so that we can start testing how many of those 6421 vulnerabilities are fixed.

 

  • Using Alexy's scanner we're able to start scanning packages for issues.  Those issues which show potential problems can then be rebuilt with Raphael's work to verify the vulnerability has been closed.
  • ~22000 packages with binary data need scanning (out of > 65000 total packages)
  • Roughly 1/3rd of the packages are being flagged by Alexy's scanner.

...