I know that the article specifically says that ASLR was defeated, but I wonder if these other compiler/linker mitigations prevent (some of) these vulnerabilities (specifically fortify)?

The "hardening-check" perl script is available from EPEL on redhat platforms. Here I use it to report mitigations in an old FWTK component that I use for an internal legacy system.

    $ hardening-check /home/fwjail/usr/local/etc/ftp-gw
    /home/fwjail/usr/local/etc/ftp-gw:
    Position Independent Executable: yes
    Stack protected: yes
    Fortify Source functions: yes (some protected functions found)
    Read-only relocations: yes
    Immediate binding: yes

    $ rpm -qi hardening-check | grep ^URL
    URL : http://packages.debian.org/hardening-wrapper

Previously discussed here: https://news.ycombinator.com/item?id=25919235