Package: r-base-dev Version: 3.0.2-1 I have just built r-cran-raschsampler, and lintian moans: the build log contains the following:
make[1]: Entering directory `/home/jdg/debian/raschsampler/build-area/raschsampl er-0.8-6/src' gfortran -fpic -O3 -pipe -g -c RaschSampler.f90 -o RaschSampler.o gfortran -shared -o RaschSampler.so RaschSampler.o -L/usr/lib/R/lib -lR and then lintian says: W: r-cran-raschsampler: hardening-no-relro usr/lib/R/site-library/RaschSampler/libs/RaschSampler.so When I run dpkg-buildflags, the output is: CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security CPPFLAGS=-D_FORTIFY_SOURCE=2 CXXFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security FFLAGS=-g -O2 LDFLAGS=-Wl,-z,relro I have poked through cdbs, and it seems to use the dpkg-buildflags program to figure out the default build flags, so somewhere, somehow, that is either being ignored or overwritten. But I haven't had the time to figure out where, unfortunately. It would be good to look into this, so that binaries are hardened. Julian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
