-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-acf4d00fda 2024-04-30 01:03:28.418000 -------------------------------------------------------------------------------- Name : annobin Product : Fedora 40 Version : 12.51 Release : 1.fc40 URL : https://sourceware.org/annobin/ Summary : Annotate and examine compiled binary files Description : This package contains the tools needed to annotate binary files created by compilers, and also the tools needed to examine those annotations. One of the tools is a plugin for GCC that records information about the security options that were in effect when the binary was compiled. Note - the plugin is automatically enabled in gcc builds via flags provided by the redhat-rpm-macros package. One of the tools is a plugin for Clang that records information about the security options that were in effect when the binary was compiled. One of the tools is a plugin for LLVM that records information about the security options that were in effect when the binary was compiled. One of the tools is a security checker which analyses the notes present in annotated files and reports on any missing security options. -------------------------------------------------------------------------------- Update Information: Fixes a bug in annocheck which would stop it from running the "gaps" test if a binary only contained one annobin note. Fixes a bug in annocheck where it would FAIL AArch64 GO binaries for not having branch protection. Removes a spurious warning message issued by the annobin plugin when compiling C++ binaries. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 23 2024 Nick Clifton <nickc@xxxxxxxxxx> - 12.51-1 - Annocheck: Test for gaps even when only one note is present. * Mon Apr 22 2024 Nick Clifton <nickc@xxxxxxxxxx> - 12.50-1 - Annocheck: Skip AArch64 branch protection test for GO binaries. * Thu Apr 18 2024 Nick Clifton <nickc@xxxxxxxxxx> - 12.49-1 - GCC Plugin: Disable active check for -Wimplicit-int for non-C sources. (#2275884) - Annocheck: Ignore stack checks for AMD GPU binaries. - Annocheck: Do not produce FAIL result for i686 binaries in the RHEL-10 profile. - Annocheck: Test for __stack_chk_guard being writeable. - Annocheck: Update heuristics for detecting glibc code in executables. (RHEL-30579) - Clang & LLVM Plugins: Allow environment to override fortification level. (RHEL-30579) - Spec File: Override fortification level and set it to 3. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-acf4d00fda' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
