Package: sniffit Version: 0.3.7.beta-15.1 Severity: normal Tags: patch User: hardening-disc...@lists.alioth.debian.org Usertags: goal-hardening
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardening options is a proposed release goal for Wheezy [1]. Having important package compiled with the hardening options will add various protections against issues such as stack smashing, predictable locations of values in memory, etc. I have rebuilt the package with hardening options enabled and there was no error (during build, or at runtime). The attached patch adds a minimal modification to the debian/rules file to add support for hardening flags (other methods are available). Note that PIE and bindnow are not enabled by default, and that you can decide to enable this options for additional features (see the following link for details). You can control and enable/disable each hardening flag independently, see http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html for details. [1] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags - -- Regards, dai -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk7NsfkACgkQglIHF/kTvg/O7gCgxWghTczN2JzAS+RvnN60x4Xj tGQAnivRzOqIjczPLrTjwYw4XpO+YBMz =HVxb -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
