Package: e2fsprogs
Version: 1.42.1-1
Followup-For: Bug #654457
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear Maintainer,
It looks like the hardening flags weren't applied in 1.42.1-1.
For example:
$ hardening-check /sbin/fsck.ext4
/sbin/fsck.ext4:
Position Independent Executable: no, normal executable!
Stack protected: no, not found!
Fortify Source functions: no, only unprotected functions found!
Read-only relocations: no, not found!
Immediate binding: no not found!
I'm not sure why the if construct doesn't work correctly, but the
original patch from Moritz should also work if dpkg-buildflags
doesn't exist (the flags are empty in that case).
Just set the default options before calling dpkg-buildflags (this
will cause some duplicate flags but that shouldn't hurt):
CFLAGS = -g -O2
CFLAGS += `dpkg-buildflags --get CFLAGS`
...
If you want to pass -Wl,-Bsymbolic-functions then just add it
after setting LDFLAGS with dpkg-buildflags:
LDFLAGS = `dpkg-buildflags --get LDFLAGS`
LDFLAGS += -Wl,-Bsymbolic-functions
Please also consider passing --enable-verbose-makecmds to
../configure by default so it's easier to see if the correct flags
were passed.
To check if the buildflags were applied correctly you can use the
hardening-check program in the hardening-includes package.
Regards,
Simon
- -- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages e2fsprogs depends on:
ii e2fslibs 1.42.1-1
ii libblkid1 2.20.1-1.2
ii libc6 2.13-26
ii libcomerr2 1.42.1-1
ii libss2 1.42.1-1
ii libuuid1 2.20.1-1.2
ii util-linux 2.20.1-1.2
e2fsprogs recommends no packages.
Versions of packages e2fsprogs suggests:
pn e2fsck-static <none>
pn gpart <none>
pn parted <none>
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJPQRe0AAoJEJL+/bfkTDL5e7UP/iInhXfKgLJ719MN1rw8jfgZ
9hPCcfmuH++99KIzZzlsNg0HqUA1qOWM2GkUdIBqcPuFHv3FcuQJNkzWNeykYoqb
9V1e0RXUAVdxAM1Nu172r0fu6c3lG5JL9Hr4o1OFgss7TOKlH4shCkDTjMTEYzmr
bIFmPxB5gNr3R+TSPCiRrc+OxsjmYus7YGdminCa3sDrDKh5F5FA97slzkkoMrPX
fC2tUIfa3umvn65F7/aqenNhIwjhiZmNSj6IWjx9cZ0DLVS9xg5YCEtOQtisWH+C
ef1A801gmr5x4wR3nmXEBBoe1kfisPgoJXu5wRMkQIO9tfSbiKs1frEvNRE8NENU
G3ijprGSN4BJ+LpbdYU0A+t7k4Ikq31LWTrzYD/cA6zSHF2A++iOEf+ccSi2xTLs
awLJpykY0VqD9r9yoRYncqY/1VJ+vz9y1x/Rslwk900q/OW5bjUv7XQV6e8IhNDH
8P2X3CIy4xJMPNOcbZj+9vdKWS5ZuggVptk0vltjG2dQ01DLhbcdweAoU5z97vQl
hsh45y2kGYmFEa9YAD8dM1FM4qaeGOPYjHtLwZzkpAOGNMU849qx37DrpZx+7TLd
jd6aiR54JaQXmKGCAeAkWhZ/IQS6N4D6SPgZlG/wrHHbnVtncloSuTN8SJnxPleD
Y7EpBpiy3KvZEinvsrR8
=MjVR
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
