Package: dpkg,hardening-wrapper

With GCC 6 (and backported to GCC 5), GCC can be configured with --enable-default-pie. DEB_BUILD_*OPTIONS allows explicit disabling of some features; however, with changed defaults, all these settings are a no-op. Therefore please don't assume any default settings, but set these flags explicitly.

For this example, when seeing -pie, add -fno-PIE to C*FLAGS, -no-pie to LDFLAGS. But also consider explicitly adding -O0 to C*FLAGS when noopt is passed. This should apply to any feature that is settable by DEB_BUILD_*OPTIONS.
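
A sketch of the explicit mapping the report asks for, added here as an illustration and not taken from dpkg or hardening-wrapper. The helper names and the sample `gcc -v` line are constructed; only the `-pie` and `noopt` cases named in the report are handled.

```shell
#!/bin/sh
# Constructed sample of the "Configured with:" line printed by `gcc -v`.
SAMPLE_GCC_V='Configured with: ../src/configure --enable-languages=c,c++ --enable-default-pie'

# True when the configure line shows the compiler builds PIE by default,
# i.e. when "disable" can no longer mean "emit nothing".
gcc_defaults_to_pie() {
    case "$1" in
        *--enable-default-pie*) return 0 ;;
        *) return 1 ;;
    esac
}

# True when word $2 occurs in list $1 (comma or whitespace separated).
has_word() {
    for w in $(printf '%s' "$1" | tr ',' ' '); do
        [ "$w" = "$2" ] && return 0
    done
    return 1
}

# $1: hardening feature list such as "+all,-pie"; $2: build options such as "noopt".
# A disabled feature yields an explicit negative flag instead of silence.
explicit_cflags() {
    out=""
    has_word "$1" "-pie" && out="$out -fno-PIE"
    has_word "$2" "noopt" && out="$out -O0"
    printf '%s' "${out# }"
}

explicit_ldflags() {
    out=""
    has_word "$1" "-pie" && out="$out -no-pie"
    printf '%s' "${out# }"
}

# Demo on the constructed input: with a default-PIE compiler, omitting the
# flags below would leave PIE enabled even though -pie was requested.
if gcc_defaults_to_pie "$SAMPLE_GCC_V"; then
    echo "CFLAGS  += $(explicit_cflags '+all,-pie' 'noopt')"
    echo "LDFLAGS += $(explicit_ldflags '+all,-pie')"
fi
```
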
