Your message dated Tue, 27 Sep 2011 19:49:46 +0000
with message-id <e1r8df0-0004zi...@franck.debian.org>
and subject line Bug#643460: fixed in qfits 6.2.0-5
has caused the Debian Bug report #643460,
regarding qfits: FTBFS: hierarch28.c:576:5: error: format not a string literal
and no format arguments [-Werror=format-security]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
643460: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643460
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: qfits
Version: 6.2.0-4
Severity: serious
Tags: wheezy sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20110923 qa-ftbfs hardening-format-security hardening
Justification: FTBFS on amd64
Hi,
During a rebuild of all packages in sid, your package failed to build on
amd64.
Relevant part:
> if x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../src -Wall -g -O2
> -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat
> -Wformat-security -Werror=format-security -MT hierarch28.o -MD -MP -MF
> ".deps/hierarch28.Tpo" -c -o hierarch28.o hierarch28.c; \
> then mv -f ".deps/hierarch28.Tpo" ".deps/hierarch28.Po"; else rm -f
> ".deps/hierarch28.Tpo"; exit 1; fi
> hierarch28.c: In function 'generate_default_convtab':
> hierarch28.c:576:5: error: format not a string literal and no format
> arguments [-Werror=format-security]
> hierarch28.c:577:5: error: format not a string literal and no format
> arguments [-Werror=format-security]
> hierarch28.c:578:5: error: format not a string literal and no format
> arguments [-Werror=format-security]
> hierarch28.c:579:5: error: format not a string literal and no format
> arguments [-Werror=format-security]
> cc1: some warnings being treated as errors
>
> make[3]: *** [hierarch28.o] Error 1
The full build log is available from:
http://people.debian.org/~lucas/logs/2011/09/23/qfits_6.2.0-4_lsid64.buildlog
This happened because since dpkg 1.16.0 [0], hardening flags are enabled
under various conditions.
[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot. Internet was not
accessible from the build systems.
--- End Message ---
--- Begin Message ---
Source: qfits
Source-Version: 6.2.0-5
We believe that the bug you reported is fixed in the latest version of
qfits, which is due to be installed in the Debian FTP archive:
libqfits-dev_6.2.0-5_amd64.deb
to main/q/qfits/libqfits-dev_6.2.0-5_amd64.deb
libqfits0_6.2.0-5_amd64.deb
to main/q/qfits/libqfits0_6.2.0-5_amd64.deb
qfits-tools_6.2.0-5_amd64.deb
to main/q/qfits/qfits-tools_6.2.0-5_amd64.deb
qfits_6.2.0-5.debian.tar.gz
to main/q/qfits/qfits_6.2.0-5.debian.tar.gz
qfits_6.2.0-5.dsc
to main/q/qfits/qfits_6.2.0-5.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 643...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Aurelien Jarno <aure...@debian.org> (supplier of updated qfits package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 27 Sep 2011 19:24:20 +0200
Source: qfits
Binary: libqfits0 libqfits-dev qfits-tools
Architecture: source amd64
Version: 6.2.0-5
Distribution: unstable
Urgency: low
Maintainer: Aurelien Jarno <aure...@debian.org>
Changed-By: Aurelien Jarno <aure...@debian.org>
Description:
libqfits-dev - Development files for libqfits
libqfits0 - Library offering easy access to FITS files
qfits-tools - FITS manipulation tools
Closes: 643460
Changes:
qfits (6.2.0-5) unstable; urgency=low
.
* Add 03-fortify.diff to fix format string vulnerability (closes:
#643460).
Checksums-Sha1:
fc60f39a1bebbcbde8e3a0c27bb9ebf8fb64664a 1168 qfits_6.2.0-5.dsc
4c91f60ad6fee87dd611e24c464693dcd1620df6 4555 qfits_6.2.0-5.debian.tar.gz
03537aa04aa0ff02fafe56223f7c464e34f39de1 43772 libqfits0_6.2.0-5_amd64.deb
e59da5337d4b40686aa24eccec472079cfe9d40d 54350 libqfits-dev_6.2.0-5_amd64.deb
40f060568f716052b69670be0bce4e0d7a5f38f5 52150 qfits-tools_6.2.0-5_amd64.deb
Checksums-Sha256:
9ca0ec9aae78cda57c40cd7bedc95120c1a7c65d69f5f5d2b9d5738c567f33d4 1168
qfits_6.2.0-5.dsc
cee378540c286e384203a6f05ad0cf74e48589744e17d10ff1653fb229825b2e 4555
qfits_6.2.0-5.debian.tar.gz
26140cf978bf3b7b2651bd8243ab94aaa4c83653e14669bfdb16a4f47f67eaad 43772
libqfits0_6.2.0-5_amd64.deb
58238c616199f8eff28bdeb2ccbd70f8a0412326eb6664d7d2390e923e136359 54350
libqfits-dev_6.2.0-5_amd64.deb
8a70e6bb0b34c04add8e94bb672aabe54486cae60ef95e4e159aeeb66c3cec98 52150
qfits-tools_6.2.0-5_amd64.deb
Files:
64e90e805645eb16de483b3de7c52b4b 1168 libs optional qfits_6.2.0-5.dsc
2082fcb7d04382ccedd105197881771e 4555 libs optional qfits_6.2.0-5.debian.tar.gz
d548849cd22616057b6b5ab6c1ae6af0 43772 libs optional
libqfits0_6.2.0-5_amd64.deb
3b00c2c903fd83ccc0d336fd1adf0b91 54350 libdevel optional
libqfits-dev_6.2.0-5_amd64.deb
0f3c338dfcc120f3c49e1be4fd412f3e 52150 science optional
qfits-tools_6.2.0-5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOgiZdw3ao2vG823MRAhRFAJ0TdMT3yakaRRyosOzsYSvN2UJEtgCdFqhf
g9LCC3m4iOwTv/1Nij0a664=
=L4EM
-----END PGP SIGNATURE-----
--- End Message ---
