Your message dated Fri, 13 Jan 2012 07:47:37 +0000
with message-id <[email protected]>
and subject line Bug#654793: fixed in firebird2.5 2.5.2~svn+53854.ds4-1
has caused the Debian Bug report #654793,
regarding Hardening flags not fully enabled
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
654793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654793
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: firebird2.5
Severity: important
Hi,
I'm currently checking all packages which had a DSA in the last
year to enable hardened build flags. firebird2.5 has already been
updated to use dpkg-buildflags, but I noticed that not all flags
are fully in effect. You can use the hardening-check scripts from
the package hardening-includes:
Out of the three hardening features from the Wheezy default set
(protected stack, fortified source and relro) not all are fully
applied, e.g.

  root@pisco:~# hardening-check /usr/sbin/fb_inet_server
  /usr/sbin/fb_inet_server:
   Stack protected: no, not found!
   Fortify Source functions: unknown, no protectable libc functions used
   Read-only relocations: yes

  root@pisco:~# hardening-check /usr/bin/fbsvcmgr
  /usr/bin/fbsvcmgr:
   Stack protected: yes
   Fortify Source functions: no, no protected functions found!
   Read-only relocations: yes

  root@pisco:~# hardening-check /usr/lib/x86_64-linux-gnu/libfbclient.so.2.5.2
  /usr/lib/x86_64-linux-gnu/libfbclient.so.2.5.2:
   Stack protected: yes
   Fortify Source functions: no, no protected functions found!
   Read-only relocations: yes

The reason is likely that some parts of the Firebird build system hardcode
specific flags, which nullify the hardened build flags?
Cheers,
Moritz
--- End Message ---
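
An approximation of the three checks reported above, as an added example (not part of the original report and not the hardening-check source): it classifies the text printed by `readelf -lW --dyn-syms`. The function names, the short list of fortifiable functions and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not hardening-check's own code: classify the text printed by
#   readelf -lW --dyn-syms <binary>
# into the three verdicts shown in the report above.
classify_hardening() {
    awk '
        BEGIN {
            # Assumption: a short, incomplete list of libc functions that
            # glibc can replace with a checked __NAME_chk variant.
            n = split("memcpy memmove memset strcpy strncpy strcat sprintf snprintf gets fgets read", f, " ")
            for (i = 1; i <= n; i++) fortifiable[f[i]] = 1
        }
        # Program header row: the GNU_RELRO segment marks read-only relocations.
        $1 == "GNU_RELRO" { relro = 1 }
        # Symbol row: Num: Value Size Type Bind Vis Ndx Name[@Version]
        $1 ~ /^[0-9]+:$/ && NF >= 8 {
            name = $8
            sub(/@.*/, "", name)
            if (name == "__stack_chk_fail") stack = 1
            else if (name ~ /^__.*_chk$/) checked++
            else if (name in fortifiable) unchecked++
        }
        END {
            print "Stack protected: " (stack ? "yes" : "no, not found!")
            if (checked) fortify = "yes"
            else if (unchecked) fortify = "no, no protected functions found!"
            else fortify = "unknown, no protectable libc functions used"
            print "Fortify Source functions: " fortify
            print "Read-only relocations: " (relro ? "yes" : "no, not found!")
        }'
}

# Run the classifier on a real file (requires binutils).
check_binary() {
    readelf -lW --dyn-syms "$1" | classify_hardening
}

# Constructed sample: stack protector and RELRO present, but only the
# unchecked strcpy/sprintf are imported (fortification never took effect).
sample_unfortified() {
    cat <<'EOF'
  GNU_RELRO      0x001d80 0x0000000000201d80 0x0000000000201d80 0x000280 0x000280 R   0x1
     1: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (2)
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND strcpy@GLIBC_2.2.5 (3)
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND sprintf@GLIBC_2.2.5 (3)
EOF
}

sample_unfortified | classify_hardening
```

A binary that imports both checked and unchecked functions is reported here simply as "yes"; "unknown" means no function from the list was imported at all, which is not a failure.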
--- Begin Message ---
Source: firebird2.5
Source-Version: 2.5.2~svn+53854.ds4-1
We believe that the bug you reported is fixed in the latest version of
firebird2.5, which is due to be installed in the Debian FTP archive:
firebird-dev_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird-dev_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-classic-common_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-classic-common_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-classic-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-classic-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-classic_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-classic_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-common-doc_2.5.2~svn+53854.ds4-1_all.deb
to main/f/firebird2.5/firebird2.5-common-doc_2.5.2~svn+53854.ds4-1_all.deb
firebird2.5-common_2.5.2~svn+53854.ds4-1_all.deb
to main/f/firebird2.5/firebird2.5-common_2.5.2~svn+53854.ds4-1_all.deb
firebird2.5-dev_2.5.2~svn+53854.ds4-1_all.deb
to main/f/firebird2.5/firebird2.5-dev_2.5.2~svn+53854.ds4-1_all.deb
firebird2.5-doc_2.5.2~svn+53854.ds4-1_all.deb
to main/f/firebird2.5/firebird2.5-doc_2.5.2~svn+53854.ds4-1_all.deb
firebird2.5-examples_2.5.2~svn+53854.ds4-1_all.deb
to main/f/firebird2.5/firebird2.5-examples_2.5.2~svn+53854.ds4-1_all.deb
firebird2.5-server-common_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-server-common_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-super-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-super-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-super_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-super_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5-superclassic_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/firebird2.5-superclassic_2.5.2~svn+53854.ds4-1_amd64.deb
firebird2.5_2.5.2~svn+53854.ds4-1.debian.tar.gz
to main/f/firebird2.5/firebird2.5_2.5.2~svn+53854.ds4-1.debian.tar.gz
firebird2.5_2.5.2~svn+53854.ds4-1.dsc
to main/f/firebird2.5/firebird2.5_2.5.2~svn+53854.ds4-1.dsc
firebird2.5_2.5.2~svn+53854.ds4.orig.tar.gz
to main/f/firebird2.5/firebird2.5_2.5.2~svn+53854.ds4.orig.tar.gz
libfbclient2-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/libfbclient2-dbg_2.5.2~svn+53854.ds4-1_amd64.deb
libfbclient2_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/libfbclient2_2.5.2~svn+53854.ds4-1_amd64.deb
libfbembed2.5_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/libfbembed2.5_2.5.2~svn+53854.ds4-1_amd64.deb
libib-util_2.5.2~svn+53854.ds4-1_amd64.deb
to main/f/firebird2.5/libib-util_2.5.2~svn+53854.ds4-1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damyan Ivanov <[email protected]> (supplier of updated firebird2.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 13 Jan 2012 09:11:37 +0200
Source: firebird2.5
Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic
libfbclient2 libfbembed2.5 libib-util firebird2.5-common
firebird2.5-server-common firebird2.5-classic-common firebird-dev
firebird2.5-dev firebird2.5-examples firebird2.5-doc firebird2.5-common-doc
firebird2.5-super-dbg firebird2.5-classic-dbg libfbclient2-dbg
Architecture: source all amd64
Version: 2.5.2~svn+53854.ds4-1
Distribution: unstable
Urgency: low
Maintainer: Debian Firebird Group <[email protected]>
Changed-By: Damyan Ivanov <[email protected]>
Description:
firebird-dev - Development files for Firebird - an RDBMS based on InterBase 6.0
firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase
6.0 code
firebird2.5-classic-common - common files for firebird 2.5 "classic" and
"superclassic"
firebird2.5-classic-dbg - collected debug symbols for firebird2.5-classic and
-superclassic
firebird2.5-common - common files for firebird 2.5 servers and clients
firebird2.5-common-doc - copyright, licensing and changelogs of firebird2.5
firebird2.5-dev - transitional package for firebird-dev
firebird2.5-doc - Documentation files for firebird database version 2.5
firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0
code
firebird2.5-server-common - common files for firebird 2.5 servers
firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0
code
firebird2.5-super-dbg - collected debug symbols for firebird2.5-super
firebird2.5-superclassic - Firebird SuperClassic Server - an RDBMS based on
InterBase 6.0 co
libfbclient2 - Firebird client library
libfbclient2-dbg - collected debug symbols for libfbclient2
libfbembed2.5 - Firebird embedded client/server library
libib-util - Firebird UDF support library
Closes: 654793
Changes:
firebird2.5 (2.5.2~svn+53854.ds4-1) unstable; urgency=low
.
* Snapshot from upstream's 2.5 branch, revision 53854
+ includes support for CPPFLAGS. Closes: #654793 -- hardening flags not
fully applied. Thanks to Moritz Muehlenhoff and Alex Peshkoff.
+ update debian/copyright
.
* rules: declare build-arch as phony
* rules: convert build-super-and-classic phony target to a -stamp target
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-----END PGP SIGNATURE-----
--- End Message ---