Package: gnumeric
Version: 1.10.17-1
Severity: important
Tags: patch
Please enable hardened build flags through dpkg-buildflags.
Patch attached. (dpkg-buildflags abides "noopt" from DEB_BUILD_OPTIONS)
Cheers,
Moritz
diff -aur gnumeric-1.10.17.harden/debian/rules gnumeric-1.10.17/debian/rules
--- gnumeric-1.10.17.harden/debian/rules 2011-06-18 13:43:08.000000000 +0200
+++ gnumeric-1.10.17/debian/rules 2012-01-29 11:16:29.000000000 +0100
@@ -73,13 +73,10 @@
confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE)
endif
-CFLAGS = -Wall -g
-
-ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
- CFLAGS += -O0
-else
- CFLAGS += -O2
-endif
+CFLAGS = `dpkg-buildflags --get CFLAGS`
+CFLAGS += -Wall
+LDFLAGS = `dpkg-buildflags --get LDFLAGS`
+CPPFLAGS = `dpkg-buildflags --get CPPFLAGS`
# Make the linker work a bit harder so dynamic loading can be done faster.
LDFLAGS += -Wl,-O1
@@ -108,7 +105,7 @@
mkdir build
cd build && env srcdir=`pwd`/.. \
- ../configure $(confflags) "CC=$(CC) $(LDFLAGS)" "CFLAGS=$(CFLAGS)"
+ ../configure $(confflags) CC="$(CC)" LDFLAGS="$(LDFLAGS)" CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)"
touch configure-stamp
Nur in gnumeric-1.10.17/debian: rules~.
