Hi, So, recently it came to my attention that CDBS is not behaving very nicely with dpkg-buildflags, which is causing problems for us to meet the release goal of getting more packages built with compiler hardening enabled: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
Notably, I'm curious about this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651964 I think this is broken behavior on CDBS's part, and that the "some packages" mentioned should be fixed so that all the other packages aren't hampered by the problem. This is especially true in the face of: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651966 Which means there's no way sort of calling dpkg-buildflags directly to get a fully hardening build using only CDBS. :( What's the right way forward to have CDBS and dpkg-buildflags play nice together? :) Thanks, -Kees -- Kees Cook @debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111213231042.gp5...@outflux.net
