Package: yubikey-personalization-gui Severity: wishlist This package generates a lintian warning:
N: Processing binary package yubikey-personalization-gui (version 3.1.22-1, arch amd64) ... I: yubikey-personalization-gui: hardening-no-fortify-functions usr/bin/yubikey-personalization-gui N: N: This package provides an ELF binary that lacks the use of fortified libc N: functions. Either there are no potentially unfortified functions called N: by any routines, all unfortified calls have already been fully validated N: at compile-time, or the package was not built with the default Debian N: compiler flags defined by dpkg-buildflags. If built using N: dpkg-buildflags directly, be sure to import CPPFLAGS. N: N: NB: Due to false-positives, Lintian ignores some unprotected functions N: (e.g. memcpy). N: N: Refer to https://wiki.debian.org/Hardening and N: https://bugs.debian.org/673112 for details. N: N: Severity: normal, Certainty: wild-guess N: N: Check: binaries, Type: binary, udeb I have read https://wiki.debian.org/Hardening but haven't been able to fix this. Running blhc on the buid log produces nothing: jas@latte:~/src/yubikey-personalization-gui-dpkg$ blhc ../yubikey-personalization-gui_3.1.22-1_amd64.build jas@latte:~/src/yubikey-personalization-gui-dpkg$ Indeed hardening-check complains about fortify source functions: jas@latte:~/src/yubikey-personalization-gui-dpkg$ hardening-check /usr/bin/yubikey-personalization-gui /usr/bin/yubikey-personalization-gui: Position Independent Executable: yes Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes jas@latte:~/src/yubikey-personalization-gui-dpkg$ Please help if you can! /Simon
pgpmhVDKN6GE_.pgp
Description: OpenPGP digital signatur
