Source: libbg1-dev Version: 1.106-2 Severity: important User: bal...@balintreczey.hu Usertags: pie-bindnow-20160906 Justification: makes ucspi-unix FTBFS with extra hardening Affects: ucspi-unix
Dear Maintainers, During a rebuild of all packages in sid, ucspi-unix failed to build on amd64 with patched GCC and dpkg. The root cause seems to be that libinstaller.a is shipped as a non-PIC library. The rebuild tested if packages are ready for a transition enabling PIE and bindnow for amd64 (and selected architectures). For more information about the changes to sid's dpkg and GCC please visit: https://wiki.debian.org/Hardening/PIEByDefaultTransition Relevant part of ucspi-unix's build log: ... ./compile insthier.c ./load insthier -linstaller /usr/bin/ld: /usr/lib/bglibs/lib/libinstaller.a(installer.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC ... The full build log is available from: https://people.debian.org/~rbalint/build-logs/pie-bindnow-20160906/ucspi-unix_0.36-4_amd64.build.gz Thanks, Balint
