Source: xmltooling
Severity: important
Tags: patch

Please enable hardened build flags through dpkg-buildflags.
I've attached a partial patch. It enables a protected stack and read-only relocs. Fortified source functions are not properly enabled. I haven't debugged this further, but it seems as if CPPFLAGS (-D_FORTIFY_SOURCE=2) isn't properly propagated in the upstream build system. You might want to take this upstream or clone the bug.

Cheers,
Moritz

diff -aur xmltooling-1.4.2.harden/debian/rules xmltooling-1.4.2/debian/rules --- xmltooling-1.4.2.harden/debian/rules 2011-07-26 00:44:18.000000000 +0200 +++ xmltooling-1.4.2/debian/rules 2012-01-20 18:49:26.000000000 +0100 @@ -9,7 +9,7 @@ endif override_dh_auto_configure: - dh_auto_configure -- --disable-dependency-tracking $(DEBUG) + dh_auto_configure -- --disable-dependency-tracking $(DEBUG) $(shell dpkg-buildflags --export=configure) override_dh_installdocs: dh_installdocs -A doc/NOTICE.txt Nur in xmltooling-1.4.2/debian: rules~.
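
Review bot: The added `$(shell dpkg-buildflags --export=configure)` on the dh_auto_configure line only hands the flags to configure as arguments, so whether they reach every compile command depends on the upstream build system honouring them. Since the report states that -D_FORTIFY_SOURCE=2 does not get through, check the build log for CPPFLAGS on the compile lines before treating this change as complete, and track the propagation problem as its own item. The trailing "Nur in xmltooling-1.4.2/debian: rules~." line is diff output about an editor backup file and should be dropped from the patch; the old tree being the one named .harden also makes the direction of the diff easy to misread.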
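
A build-log check for the three features the report names (protected stack, read-only relocs, fortified source), as an added example that is not part of the original report or of the xmltooling packaging. The function name `missing_flags`, the regular expressions and the sample log lines are constructed for illustration.

```python
import re
import shlex

# Features named in the report, mapped to the flag that enables each one.
COMPILE_FLAGS = {"stack protector": re.compile(r"^-fstack-protector"),
                 "fortify": re.compile(r"^-D_FORTIFY_SOURCE=[12]$")}
LINK_FLAGS = {"relro": re.compile(r"^-Wl,(.*,)?-z,relro(,|$)")}
# Matches gcc, g++, cc, c++, with an optional triplet prefix or version suffix.
COMPILER = re.compile(r"(^|[/-])(gcc|g\+\+|cc|c\+\+)(-[\d.]+)?$")

def missing_flags(log_text):
    """Return [(line_no, 'compile'|'link', [missing features])] for a build log."""
    findings = []
    for no, line in enumerate(log_text.splitlines(), 1):
        try:
            argv = shlex.split(line)
        except ValueError:          # unbalanced quotes: not a command line
            continue
        # Skip prefixes such as "libtool: compile:" and find the compiler token.
        idx = next((i for i, a in enumerate(argv) if COMPILER.search(a)), None)
        if idx is None:
            continue
        args = argv[idx + 1:]
        if "-c" not in args and "-o" not in args:
            continue                # e.g. "checking for g++... g++" from configure
        # Assumption: a compiler line without -c is a link step.
        kind = "compile" if "-c" in args else "link"
        wanted = COMPILE_FLAGS if kind == "compile" else LINK_FLAGS
        missing = [name for name, rx in wanted.items()
                   if not any(rx.search(a) for a in args)]
        if missing:
            findings.append((no, kind, missing))
    return findings

# Constructed sample: line 2 lacks the CPPFLAGS value, line 5 lacks relro.
SAMPLE_LOG = """\
checking for g++... g++
g++ -DHAVE_CONFIG_H -I. -g -O2 -fstack-protector --param=ssp-buffer-size=4 -c -o a.o a.cpp
g++ -DHAVE_CONFIG_H -I. -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector -c -o b.o b.cpp
g++ -g -O2 -Wl,-z,relro -o libdemo.so a.o b.o
g++ -g -O2 -o tool a.o
"""

if __name__ == "__main__":
    for no, kind, missing in missing_flags(SAMPLE_LOG):
        print(f"line {no} ({kind}): missing {', '.join(missing)}")
```

A compile line flagged only for "fortify" while carrying the stack protector flag is the pattern the report describes: CFLAGS arrive, CPPFLAGS do not.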