Package: gnumeric Version: 1.12.18-2 Severity: normal Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: timestamps
https://reproducible.debian.net/rb-pkg/testing/amd64/gnumeric.html shows that there are a series of gzip headers embedded in the .so aligned at 0x40 boundaries, which makes the build unreproducible: ../usr/lib/libspreadsheet-1.12.18.so readelf --all Offset 15444, 8 lines modified Offset 15444, 8 lines modified 15444 ··0x0090:···Name:·GLIBC_2.14··Flags:·none··Version:·7 15444 ··0x0090:···Name:·GLIBC_2.14··Flags:·none··Version:·7 15445 ··0x00a0:···Name:·GLIBC_2.3.4··Flags:·none··Version:·6 15445 ··0x00a0:···Name:·GLIBC_2.3.4··Flags:·none··Version:·6 15446 ··0x00b0:···Name:·GLIBC_2.2.5··Flags:·none··Version:·2 15446 ··0x00b0:···Name:·GLIBC_2.2.5··Flags:·none··Version:·2 15447 15447 15448 Displaying·notes·found·at·file·offset·0x000001c8·with·length·0x00000024: 15448 Displaying·notes·found·at·file·offset·0x000001c8·with·length·0x00000024: 15449 ··Owner·················Data·size\x9Description 15449 ··Owner·················Data·size\x9Description 15450 ··GNU··················0x00000014\x9NT_GNU_BUILD_ID·(unique·build·ID·bitstring) 15450 ··GNU··················0x00000014\x9NT_GNU_BUILD_ID·(unique·build·ID·bitstring) 15451 ····Build·ID:·275e51da0d13c6eb78736924300af8dbabe53aec 15451 ····Build·ID:·d5a8589f7f80fa851cb3258152d4db1c1b96c2d8 objdump --disassemble --full-contents Offset 1, 14 lines modified Offset 1, 14 lines modified 1 1 2 libspreadsheet-1.12.18.so:·····file·format·elf64-x86-64 2 libspreadsheet-1.12.18.so:·····file·format·elf64-x86-64 3 3 4 Contents·of·section·.note.gnu.build-id: 4 Contents·of·section·.note.gnu.build-id: 5 ·01c8·04000000·14000000·03000000·474e5500··............GNU. 5 ·01c8·04000000·14000000·03000000·474e5500··............GNU. 6 ·01d8·275e51da·0d13c6eb·78736924·300af8db··'^Q.....xsi$0... 6 ·01d8·d5a8589f·7f80fa85·1cb32581·52d4db1c··..X.......%.R... 7 ·01e8·abe53aec·····························..:.············ 7 ·01e8·1b96c2d8·····························....············ 8 Contents·of·section·.gnu.hash: 8 Contents·of·section·.gnu.hash: 9 ·01f0·ff030000·ad080000·00010000·0e000000··................ 9 ·01f0·ff030000·ad080000·00010000·0e000000··................ 10 ·0200·144602c0·d80232d0·00100024·06049061··.F....2....$...a 10 ·0200·144602c0·d80232d0·00100024·06049061··.F....2....$...a 11 ·0210·34102848·90b20111·1c2100a4·c0033009··4.(H.....!....0. 11 ·0210·34102848·90b20111·1c2100a4·c0033009··4.(H.....!....0. 12 ·0220·40719913·41114960·6329ae06·10671000··@q..A.I`c)...g.. 12 ·0220·40719913·41114960·6329ae06·10671000··@q..A.I`c)...g.. 13 ·0230·d295360a·03bc8334·b4000884·09d8da41··..6....4.......A 13 ·0230·d295360a·03bc8334·b4000884·09d8da41··..6....4.......A 14 ·0240·10244427·a062c220·148d8890·c0109799··.$D'.b.·........ 14 ·0240·10244427·a062c220·148d8890·c0109799··.$D'.b.·........ Offset 171136, 15 lines modified Offset 171136, 15 lines modified 171136 ·29c890·65737473·2e756900·676e6d3a·76696577··ests.ui.gnm:view 171136 ·29c890·65737473·2e756900·676e6d3a·76696577··ests.ui.gnm:view 171137 ·29c8a0·2e756900·676e6d3a·77626367·2e756900··.ui.gnm:wbcg.ui. 171137 ·29c8a0·2e756900·676e6d3a·77626367·2e756900··.ui.gnm:wbcg.ui. 171138 ·29c8b0·676e6d3a·77696c63·6f786f6e·2d6d616e··gnm:wilcoxon-man 171138 ·29c8b0·676e6d3a·77696c63·6f786f6e·2d6d616e··gnm:wilcoxon-man 171139 ·29c8c0·6e2d7768·69746e65·792e7569·00676e6d··n-whitney.ui.gnm 171139 ·29c8c0·6e2d7768·69746e65·792e7569·00676e6d··n-whitney.ui.gnm 171140 ·29c8d0·3a776f72·6b626f6f·6b2d6174·74722e75··:workbook-attr.u 171140 ·29c8d0·3a776f72·6b626f6f·6b2d6174·74722e75··:workbook-attr.u 171141 ·29c8e0·69000000·00000000·00000000·00000000··i............... 171141 ·29c8e0·69000000·00000000·00000000·00000000··i............... 171142 ·29c8f0·00000000·00000000·00000000·00000000··................ 171142 ·29c8f0·00000000·00000000·00000000·00000000··................ 171143 ·29c900·1f8b0800·672a1855·0003ed5c·db8edb36··....g*.U...\...6 171143 ·29c900·1f8b0800·012c1855·0003ed5c·db8edb36··.....,.U...\...6 171144 ·29c910·107dcf57·b07a2dbc·9724bd20·f03a48d3··.}.W.z-..$.·.:H. 171144 ·29c910·107dcf57·b07a2dbc·9724bd20·f03a48d3··.}.W.z-..$.·.:H. 171145 ·29c920·247d688b·0576933c·12b434b6·18d3a44a··$}h..v.<..4....J 171145 ·29c920·247d688b·0576933c·12b434b6·18d3a44a··$}h..v.<..4....J 171146 ·29c930·d2f6ba4f·fd967e5a·bfa44349·f6ae6dea··...O..~Z..CI..m. 171146 ·29c930·d2f6ba4f·fd967e5a·bfa44349·f6ae6dea··...O..~Z..CI..m. 171147 ·29c940·62d9ebb5·13014180·a53923f2·9073e642··b.....A..9#..s.B 171147 ·29c940·62d9ebb5·13014180·a53923f2·9073e642··b.....A..9#..s.B 171148 ·29c950·4addd777·6341a6a0·0d57f22a·b83cbb08··J..wcA...W.*.<.. 171148 ·29c950·4addd777·6341a6a0·0d57f22a·b83cbb08··J..wcA...W.*.<.. 171149 ·29c960·08c85045·5c0eaf82·8fb7ef3b·3f07af7b··..PE\......;?..{ 171149 ·29c960·08c85045·5c0eaf82·8fb7ef3b·3f07af7b··..PE\......;?..{ 171150 ·29c970·cfba5c5a·d0031642·ef1921dd·ef3a1db2··..\Z...B..!..:.. 171150 ·29c970·cfba5c5a·d0031642·ef1921dd·ef3a1db2··..\Z...B..!..:.. Offset 171248, 15 lines modified Offset 171248, 15 lines modified 171248 ·29cf90·c545e92c·f55d06fb·3ccd7d74·1e6cf8f1··.E.,.]..<.}t.l.. 171248 ·29cf90·c545e92c·f55d06fb·3ccd7d74·1e6cf8f1··.E.,.]..<.}t.l.. 171249 ·29cfa0·8dad89b0·4e04539f·ce4ee0db·1b51945d··....N.S..N...Q.] 171249 ·29cfa0·8dad89b0·4e04539f·ce4ee0db·1b51945d··....N.S..N...Q.] 171250 ·29cfb0·8faf2d51·8590079d·35645651·59f9b19b··..-Q....5dVQY... 171250 ·29cfb0·8faf2d51·8590079d·35645651·59f9b19b··..-Q....5dVQY... 171251 ·29cfc0·65069dec·96a3594a·ac346302·6312250d··e.....YJ.4c.c.%. 171251 ·29cfc0·65069dec·96a3594a·ac346302·6312250d··e.....YJ.4c.c.%. 171252 ·29cfd0·8ee622e8·3df88a56·f77ca55f·1de9879f··..".=..V.|._.... 171252 ·29cfd0·8ee622e8·3df88a56·f77ca55f·1de9879f··..".=..V.|._.... 171253 ·29cfe0·0df28aaf·35a643ba·9f40f7fc·c117f4fe··....5.C..@...... 171253 ·29cfe0·0df28aaf·35a643ba·9f40f7fc·c117f4fe··....5.C..@...... 171254 ·29cff0·075722ef·d7754f00·00000000·00000000··.W"..uO......... 171254 ·29cff0·075722ef·d7754f00·00000000·00000000··.W"..uO......... 171255 ·29d000·1f8b0800·672a1855·0003ed5a·c18edb36··....g*.U...Z...6 171255 ·29d000·1f8b0800·012c1855·0003ed5a·c18edb36··.....,.U...Z...6 171256 ·29d010·10bde72b·545e0bc5·eb6d5204·85ac0049··...+T^...mR....I 171256 ·29d010·10bde72b·545e0bc5·eb6d5204·85ac0049··...+T^...mR....I 171257 ·29d020·91204092·5eb6cd51·1853638b·31975449··.·@.^..Q.Sc.1.TI 171257 ·29d020·91204092·5eb6cd51·1853638b·31975449··.·@.^..Q.Sc.1.TI 171258 ·29d030·6a6dff7d·29c9f6ae·57942571·edac53f8··jm.})...W.%q..S. 171258 ·29d030·6a6dff7d·29c9f6ae·57942571·edac53f8··jm.})...W.%q..S. 171259 ·29d040·288a8fe4·bce19b21·478adeae·6e797087··(......!G...nyp. 171259 ·29d040·288a8fe4·bce19b21·478adeae·6e797087··(......!G...nyp. 171260 ·29d050·4a332926·64fcf28a·0428a84c·99984fc8··J3)&d....(.L..O. 171260 ·29d050·4a332926·64fcf28a·0428a84c·99984fc8··J3)&d....(.L..O. 171261 ·29d060·df371fc2·37e46dfc·2262c2a0·9a01c5f8··.7..7.m."b...... 171261 ·29d060·df371fc2·37e46dfc·2262c2a0·9a01c5f8··.7..7.m."b...... 171262 ·29d070·451044bf·8461b06b·0915fe5b·30853a98··E.D..a.k...[0.:. 171262 ·29d070·451044bf·8461b06b·0915fe5b·30853a98··E.D..a.k...[0.:. The change in each header moves from 672a1855 to 012c1855, which are timestamps of seconds since the epoch. The following patch should enable tools/embedder to use an externally-set timestamp, and debian/rules to export that timestamp based on the value in debian/changelog: --- a/debian/rules +++ b/debian/rules @@ -20,6 +20,11 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all UVER=$(shell dpkg-parsechangelog | grep Version | head -1 | sed -e 's/Version: //g' -e 's/-[A-Za-z0-9+\.]*$$//g') $(info I: UVER=$(UVER)) +LAST_CHANGE=$(shell dpkg-parsechangelog -S Date) +BUILD_TIMESTAMP=$(shell LC_ALL=C date -u "+%s" -d "$(LAST_CHANGE)") + +export BUILD_TIMESTAMP + CFLAGS += -Wall -g %: --- a/tools/embedder +++ b/tools/embedder @@ -32,6 +32,7 @@ my $unregfilefunc = "go_rsm_unregister_file"; my $id_prefix = ""; my @includes; +my $timestamp = $ENV{'BUILD_TIMESTAMP'} or time &GetOptions("register-function=s" => \$regfunc, "unregister-function=s" => \$unregfunc, @@ -98,7 +99,7 @@ if ($docompress) { my $zdata; - gzip \$data => \$zdata + gzip \$data => \$zdata, "Time" => $timestamp or die "gzip failed: $GzipError\n"; $data = $zdata; } WARNING: this is an untested patch, please verify before inflicting on the general public! --dkg -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (500, 'stable'), (200, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnumeric depends on: ii debconf [debconf-2.0] 1.5.56 ii gnumeric-common 1.12.18-2 ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.2 ii libatk1.0-0 2.14.0-1 ii libc6 2.19-18 ii libcairo2 1.14.0-2.1 ii libgdk-pixbuf2.0-0 2.31.1-2+b1 ii libglib2.0-0 2.42.1-1 ii libgoffice-0.10-10 0.10.18-1 ii libgsf-1-114 1.14.30-2 ii libgtk-3-0 3.14.5-1 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libxml2 2.9.1+dfsg1-5 ii procps 2:3.3.9-9 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages gnumeric recommends: ii evince 3.14.1-2 pn gnumeric-doc <none> ii lp-solve 5.5.0.13-7+b1 Versions of packages gnumeric suggests: ii fonts-liberation 1.07.4-1 pn gnumeric-plugins-extra <none> ii ttf-mscorefonts-installer 3.6 -- debconf-show failed -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
