On Tue, 02 Aug 2011, Kees Cook wrote:
> I have all of Ubuntu's "main" component's build logs local, to try to
> give us a quick measure (it's about 3500 packages out of the entire
> archive). I can search for the warning, but is there a good way to check
> that the package was built using dpkg-buil
On Tue, Aug 02, 2011 at 04:27:53PM -0700, Russ Allbery wrote:
> Raphael Hertzog writes:
>
> > I also wonder whether we should keep -Werror=format-security given that
> > no archive rebuild has been made with this option so we don't really
> > know how many packages will be affected by this.
>
>
Raphael Hertzog writes:
> I also wonder whether we should keep -Werror=format-security given that
> no archive rebuild has been made with this option so we don't really
> know how many packages will be affected by this.
I suspect "lots" based on personal experience, but also nearly every time
I'
[ Bcc: debian-dpkg to get a wider audience ]
Hello,
during Debconf I discussed with doko and a few of the tech-ctte members
to find a good solution for the problem of enabling hardening build flags.
Following that discussion I worked on a few dpkg-buildflags enhancement
that are now in the master
4 matches
Mail list logo
