whatsnew: add a paragraph about PIE+SSP change

author: Xi Ruoyao <xry111@xry111.site> 2022-09-27 10:47:11 +0800
committer: Xi Ruoyao <xry111@xry111.site> 2022-09-27 10:47:11 +0800
commit: 471a32e83696f0ffef466b6fd4fded0ca2417620 (patch)
tree: 6536f6617e82a74d4f6722192caa1240497e4f66 /chapter01
parent: f427ba2336446315375c372da8a30cd66a04be06 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/chapter01/whatsnew.xml b/chapter01/whatsnew.xml
index 3c6df1428..e9a69bd04 100644
--- a/chapter01/whatsnew.xml
+++ b/chapter01/whatsnew.xml
@@ -11,6 +11,14 @@
 
   <title>What's new since the last release</title>
 
+  <para>In 11.3 release, <parameter>--enable-default-pie</parameter>
+  and <parameter>--enable-default-ssp</parameter> are enabled for GCC.
+  They can mitigate some type of malicious attacks but they cannot provide
+  a full protection.  In case if you are reading a programming textbook,
+  you may need to disable PIE and SSP with GCC options
+  <parameter>-fno-pie -no-pie -fno-stack-protection</parameter>
+  because some textbooks assume they were disabled by default.</para>
+
   <para>Below is a list of package updates made since the previous
   release of the book.</para>
author	Xi Ruoyao <xry111@xry111.site>	2022-09-27 10:47:11 +0800
committer	Xi Ruoyao <xry111@xry111.site>	2022-09-27 10:47:11 +0800
commit	471a32e83696f0ffef466b6fd4fded0ca2417620 (patch)
tree	6536f6617e82a74d4f6722192caa1240497e4f66 /chapter01
parent	f427ba2336446315375c372da8a30cd66a04be06 (diff)