From 471a32e83696f0ffef466b6fd4fded0ca2417620 Mon Sep 17 00:00:00 2001
From: Xi Ruoyao <xry111@xry111.site>
Date: Tue, 27 Sep 2022 10:47:11 +0800
Subject: whatsnew: add a paragraph about PIE+SSP change

---
 chapter01/whatsnew.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'chapter01')

diff --git a/chapter01/whatsnew.xml b/chapter01/whatsnew.xml
index 3c6df1428..e9a69bd04 100644
--- a/chapter01/whatsnew.xml
+++ b/chapter01/whatsnew.xml
@@ -11,6 +11,14 @@
 
   <title>What's new since the last release</title>
 
+  <para>In 11.3 release, <parameter>--enable-default-pie</parameter>
+  and <parameter>--enable-default-ssp</parameter> are enabled for GCC.
+  They can mitigate some type of malicious attacks but they cannot provide
+  a full protection.  In case if you are reading a programming textbook,
+  you may need to disable PIE and SSP with GCC options
+  <parameter>-fno-pie -no-pie -fno-stack-protection</parameter>
+  because some textbooks assume they were disabled by default.</para>
+
   <para>Below is a list of package updates made since the previous
   release of the book.</para>
 
-- 
cgit v1.2.3-54-g00ecf