Package: rsync Version: 3.0.9-1 Followup-For: Bug #652248 Hello,
The original patch is missing CPPFLAGS which also contains hardening flags and as rsync might be used as network daemon additional hardening flags (pie, bindow) should be enabled as well. The attached patch adds the necessary changes. Regards, Simon -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages rsync depends on: ii base-files 6.5 ii libacl1 2.2.51-5 ii libc6 2.13-23 ii libpopt0 1.16-1 ii lsb-base 3.2-28 rsync recommends no packages. Versions of packages rsync suggests: pn openssh-client 1:5.9p1-2 pn openssh-server <none> -- no debconf information
diff -u rsync-3.0.9/debian/rules rsync-3.0.9/debian/rules --- rsync-3.0.9/debian/rules +++ rsync-3.0.9/debian/rules @@ -9,10 +9,13 @@ # my name from the file itself. (I assert my moral right of # paternity under the Copyright, Designs and Patents Act 1988.) +export DEB_BUILD_MAINT_OPTIONS = hardening=+all +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/buildflags.mk SHELL = /bin/bash BINS = rsync -CFLAGS= -Wall +CFLAGS += -Wall INSTALL = install INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644 INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755 diff -u rsync-3.0.9/debian/control rsync-3.0.9/debian/control --- rsync-3.0.9/debian/control +++ rsync-3.0.9/debian/control @@ -2,7 +2,7 @@ Section: net Priority: optional Maintainer: Paul Slootman <p...@debian.org> -Build-Depends: libpopt-dev,libacl1-dev,libattr1-dev +Build-Depends: dpkg-dev (>= 1.16.1.1),libpopt-dev,libacl1-dev,libattr1-dev Standards-Version: 3.9.2.0 Homepage: http://rsync.samba.org/
