Package: dpkg
Version: 1.15.8

While refactoring code, it happened twice that we introduced
buffer overflows that went unnoticed... we should really avoid this
by building dpkg with hardening options like -fstack-protector.

http://wiki.debian.org/Hardening and the sources of hardening-wrapper
suggest that this option should not be used on
ia64 alpha mips mipsel hppa arm.

On arm it's blacklisted because it generates incorrect code apparently
(it's ok on armel) but on the others it could be caught by a configure
test since gcc outputs: "warning: -fstack-protector not supported for this
target"

Maybe we should use -D_FORTIFY_SOURCE=2 too.

(This is just a reminder for us, we discussed it on IRC and it should go
in 1.15.9)

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer ◈ [Flattr=20693]

Follow my Debian News ▶ http://RaphaelHertzog.com (English)
                      ▶ http://RaphaelHertzog.fr (Français)
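
A sketch of the configure-style probe suggested in the report, as an added example (not dpkg's own build code): it rejects a flag when the compiler prints any diagnostic, which covers the "not supported for this target" warning. The function names are hypothetical, and the arm case, where incorrect code is generated without a warning, would still need an explicit blacklist.

```shell
#!/bin/sh
# Added example; flag_supported and hardening_flags are hypothetical names.

# flag_supported CC FLAG: succeed only if CC compiles and links a small
# program with FLAG and prints no diagnostics at all.
flag_supported() {
    probe_cc=$1
    probe_flag=$2
    probe_dir=$(mktemp -d) || return 2
    # A char array in main gives the stack protector something to guard,
    # so the link step also needs the runtime support symbols.
    printf 'int main(void) { char b[8]; b[0] = 0; return b[0]; }\n' \
        > "$probe_dir/t.c"
    # The unsupported-target message is only a warning, so the exit status
    # alone does not reveal it; capture stderr as well.
    if probe_err=$($probe_cc $probe_flag -o "$probe_dir/t" "$probe_dir/t.c" 2>&1)
    then probe_rc=0
    else probe_rc=$?
    fi
    rm -rf "$probe_dir"
    [ "$probe_rc" -eq 0 ] || return 1
    # Any output (e.g. "warning: ... not supported for this target")
    # means the flag must not be used on this target.
    [ -z "$probe_err" ]
}

# hardening_flags CC: print the subset of the flags named in the report
# that CC accepts cleanly. A -D macro is accepted by any compiler, so its
# probe only confirms that the build still succeeds with it defined.
hardening_flags() {
    accepted=
    for candidate in -fstack-protector -D_FORTIFY_SOURCE=2; do
        if flag_supported "$1" "$candidate"; then
            accepted="$accepted $candidate"
        fi
    done
    printf '%s\n' "${accepted# }"
}

hardening_flags "${CC:-cc}"
```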


