Source: gkrellm
Version: 2.3.5-3
Severity: normal
User: [email protected]
Usertags: hardening-format-security hardening

The package gkrellm fails to compile with the new hardened compiler flags that
dpkg-buildflags outputs [0].
The problematic flag is: -Werror=format-security
See the Ubuntu buildlog:
https://launchpadlibrarian.net/83135544/buildlog_ubuntu-precise-i386.gkrellm_2.3.5-3_FAILEDTOBUILD.txt.gz
Snippet:
cc -c -Wall -O2 `pkg-config --cflags glib-2.0 gthread-2.0`   -I..
-I../shared -DGKRELLM_SERVER -DENABLE_NLS
-DLOCALEDIR=\"/usr/share/locale\" -g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -D_FORTIFY_SOURCE=2 main.c -o main.o
main.c: In function 'gkrellmd_syslog_log':
main.c:190:2: error: format not a string literal and no format arguments
[-Werror=format-security]
main.c: In function 'detach_from_terminal':
main.c:1101:7: warning: ignoring return value of 'chdir', declared with
attribute warn_unused_result [-Wunused-result]
cc1: some warnings being treated as errors


The buildflags are not exported in Debian, but can be enabled e.g. by
adding this to debian/rules:

 DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/buildflags.mk

Please fix the issues and maybe also enable the hardened build in Debian.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html





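Added example, not part of the original report and not gkrellm's source: the diagnostic "format not a string literal and no format arguments" fires when a message variable is passed in the format position of a printf-style call, and the usual fix is a literal "%s" format. The function names and the sample message below are hypothetical; snprintf stands in for syslog so the result can be inspected, and log_after shows the same fix on syslog(3).

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Constructed stand-ins for a daemon's log wrapper (hypothetical names). */

#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
/* BEFORE: the message is used as the format string. This is the pattern
 * -Werror=format-security rejects; the pragma is only here so the
 * "before" form still compiles under the hardened flags. */
static int render_before(char *out, size_t len, const char *msg)
{
    return snprintf(out, len, msg);
}
#pragma GCC diagnostic pop

/* AFTER: constant format, message passed as data. */
static int render_after(char *out, size_t len, const char *msg)
{
    return snprintf(out, len, "%s", msg);
}

/* The same fix applied to syslog(3). */
static void log_after(int priority, const char *msg)
{
    syslog(priority, "%s", msg);
}

int main(void)
{
    char before[64], after[64];
    /* Constructed input: "%%" is a conversion that consumes no argument,
     * so the "before" call stays well defined while still showing that
     * the message text is being parsed as a format. */
    const char *msg = "disk 100%% full";

    render_before(before, sizeof before, msg);
    render_after(after, sizeof after, msg);
    printf("before: %s\nafter:  %s\n", before, after);
    log_after(LOG_INFO, msg);
    return 0;
}
```

The "before" output loses one '%' because the message was interpreted as a format; with "%s" the bytes are logged unchanged and the hardened build accepts the call.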