On Sat, Apr 07, 2012 at 07:42:50PM +0200, Pino Toscano wrote: > Hi, > > This isn't matter of being "unnecessary" (which I didn't imply at all), > but of being nonsense to have to fix *all* the cmake packages like that.
Hello, Yeah, that's what I meant with unnecessary - unnecessary if CMake would correctly respect them. > Modestas is working to make cmake work to handle CPPFLAGS; even if cmake > wouldn't, the logical place for such flags addition would be the > debhelper cmake.pm class and the cmake.mk cdbs module, which would cover > basically almost all the packages that in Debian are built using cmake. I don't know debhelper very well, but I think changing that would require raising the compat level - which means it would take quite a while to get the flags correctly enabled. >> To accomplish the hardening flags release goal for Wheezy, adding >> the CPPFLAGS manually seems to be the only way. > > Not in each and every package, sorry. Could you add the fix for those of your packages which are priority important or are security relevant (parse untrusted data) or had a DSA? Regards, Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9
pgpEY868L8OMc.pgp
Description: PGP signature
