Your message dated Tue, 30 Jul 2013 13:03:42 +0000
with message-id <[email protected]>
and subject line Bug#613763: fixed in totem 3.0.1-9
has caused the Debian Bug report #613763,
regarding please enable PIE and Immediate binding
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
613763: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613763
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: totem
Version: 2.30.2-2
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu natty ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* debian/{control{,.in},rules}: enable PIE build for security hardening.
Since totem deals with media files, it should be hardened against potential
malicious attacks. This patch enables the hardening features in the toolchain.
Thanks for considering the patch.
-Kees
-- System Information:
Debian Release: squeeze/sid
APT prefers natty
APT policy: (500, 'natty')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-3-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
totem-gstreamer depends on no packages.
diff -u totem-2.32.0/debian/control totem-2.32.0/debian/control
--- totem-2.32.0/debian/control
+++ totem-2.32.0/debian/control
@@ -10,6 +10,7 @@
XSBC-Original-Maintainer: Sebastien Bacher <[email protected]>
Uploaders: Debian GNOME Maintainers <[email protected]>
Build-Depends: debhelper (>= 5.0.51~),
+ hardening-wrapper,
cdbs,
gnome-common,
quilt,
diff -u totem-2.32.0/debian/rules totem-2.32.0/debian/rules
--- totem-2.32.0/debian/rules
+++ totem-2.32.0/debian/rules
@@ -2,6 +2,7 @@
#-*- makefile -*-
#export DH_VERBOSE=1
+export DEB_BUILD_HARDENING=1
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/class/gnome.mk
diff -u totem-2.32.0/debian/changelog totem-2.32.0/debian/changelog
diff -u totem-2.32.0/debian/control.in totem-2.32.0/debian/control.in
--- totem-2.32.0/debian/control.in
+++ totem-2.32.0/debian/control.in
@@ -5,6 +5,7 @@
XSBC-Original-Maintainer: Sebastien Bacher <[email protected]>
Uploaders: @GNOME_TEAM@
Build-Depends: debhelper (>= 5.0.51~),
+ hardening-wrapper,
cdbs,
gnome-common,
quilt,
--- End Message ---
--- Begin Message ---
Source: totem
Source-Version: 3.0.1-9
We believe that the bug you reported is fixed in the latest version of
totem, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Biebl <[email protected]> (supplier of updated totem package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 30 Jul 2013 14:38:30 +0200
Source: totem
Binary: libtotem0 totem totem-mozilla totem-common totem-dbg totem-plugins
gir1.2-totem-1.0 libtotem-dev
Architecture: source all amd64
Version: 3.0.1-9
Distribution: unstable
Urgency: low
Maintainer: Debian GNOME Maintainers
<[email protected]>
Changed-By: Michael Biebl <[email protected]>
Description:
gir1.2-totem-1.0 - GObject introspection data for Totem media player
libtotem-dev - Main library for the Totem media player - development files
libtotem0 - Main library for the Totem media player
totem - Simple media player for the GNOME desktop based on GStreamer
totem-common - Data files for the Totem media player
totem-dbg - Debugging symbols for the Totem media player
totem-mozilla - Totem Mozilla plugin
totem-plugins - Plugins for the Totem media player
Closes: 613763
Changes:
totem (3.0.1-9) unstable; urgency=low
.
[ Josselin Mouette ]
* Enable all hardening flags. Closes: #613763.
* Add corresponding build-dependency on a recent dpkg-dev.
* Add missing epochs on libxrandr and libxxf86vm build-dependencies.
.
[ Michael Biebl ]
* Build against tracker 0.16.
Checksums-Sha1:
9a843e5e7cd6d01c1599edf2a36d22a9e597f000 3534 totem_3.0.1-9.dsc
c4430e4fd11e3691c07b5ec0b65f10ab6240f57d 49864 totem_3.0.1-9.debian.tar.gz
af2d986a5a8e17c2a28d39e3854fd154b7c10621 2083652 totem-common_3.0.1-9_all.deb
0d5eaca37a9ba713771453b22aa80604dfc7b0fe 322324 libtotem0_3.0.1-9_amd64.deb
76324f4dcfa9a0639fec8174ac76a6689c120065 359390 totem_3.0.1-9_amd64.deb
75571fa576a588f250f92029a13902478e8a59af 240206 totem-mozilla_3.0.1-9_amd64.deb
ee3cdfb14a170d03c5ae1fd481c9b3d41f97ab8e 1375788 totem-dbg_3.0.1-9_amd64.deb
c971fd3d48b54999415fc00e53d2e4b67b344b67 333112 totem-plugins_3.0.1-9_amd64.deb
ab7827518ec9062bfe51358d980b35a26ad96928 175540
gir1.2-totem-1.0_3.0.1-9_amd64.deb
23730726ff2ddba8f6485da271f908672383e349 185060 libtotem-dev_3.0.1-9_amd64.deb
Checksums-Sha256:
45cb3d7c72dccafd458e3d1d7dc81fa797e6d67f5af00549a2ddb3d7e160ac5c 3534
totem_3.0.1-9.dsc
00590953e35e71a55edacf46d2d3a87a35dab800d42567787eeae34f7b337f78 49864
totem_3.0.1-9.debian.tar.gz
e4ea0c186ab7a840af44d22a07dd2ca7c4974cc6d8b89e16046873b4c73f77cb 2083652
totem-common_3.0.1-9_all.deb
db164ba0249a72735b59b7584467a9ac082667191b3172e14be03b0ac9076c22 322324
libtotem0_3.0.1-9_amd64.deb
145b07aaa46f796ad06934ed4de9edc4e00fb086482298541f584bc93533c2ca 359390
totem_3.0.1-9_amd64.deb
80f6a9772cc531acbb64fff3eeb24ab13e7cacb79746de3270d582e3a81d9264 240206
totem-mozilla_3.0.1-9_amd64.deb
e1d5999aab097afd2222c9dc7439cfea52517578b24a9966094127989411f26d 1375788
totem-dbg_3.0.1-9_amd64.deb
e17537c7630c9f294784b359ac4015c56436938db05e5786087319a37f23ba9a 333112
totem-plugins_3.0.1-9_amd64.deb
d8249d681233b1cc1a55097d324a8ab7e729cca31a6fb4d21c7f40da3ad4458b 175540
gir1.2-totem-1.0_3.0.1-9_amd64.deb
aa3e22366bf44854e2380d6d69ea63a6549df2d9b08304b1a9509401b7631662 185060
libtotem-dev_3.0.1-9_amd64.deb
Files:
8298948d9cb2e98e531308f3f3149f8e 3534 video optional totem_3.0.1-9.dsc
f465a1b5564b16a67c86b7bbe5b6cf22 49864 video optional
totem_3.0.1-9.debian.tar.gz
e0a39a9eab3a5962ed183ca1f542d537 2083652 video optional
totem-common_3.0.1-9_all.deb
c60d46fdd1fe3cc342481c743703fcac 322324 video optional
libtotem0_3.0.1-9_amd64.deb
7b7d1140058174720483801b33627418 359390 video optional totem_3.0.1-9_amd64.deb
4a804c98c17fd630c2780f987c7c2621 240206 video optional
totem-mozilla_3.0.1-9_amd64.deb
3e92751acac6e40963682b39bbb808c3 1375788 debug extra
totem-dbg_3.0.1-9_amd64.deb
21d3e196e27094c14779bef7b4a5c151 333112 video optional
totem-plugins_3.0.1-9_amd64.deb
ca395249ff5c8741bcb97af95ea15938 175540 introspection optional
gir1.2-totem-1.0_3.0.1-9_amd64.deb
fb0b1bd7519ba689830ca63bf2bfbb03 185060 libdevel optional
libtotem-dev_3.0.1-9_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCAAGBQJR97UsAAoJEGrh3w1gjyLcqa8P/1lTyGPyhVHy+va3bqqq/dRQ
N3NMSqDZMxHTSkhGnXjv4/k1cZJ/iYAwzma8joGQomIqL4gzRDFL4P8BtmnF0SQ+
1jAI4YQs3dPCXfgQAY+GMecFcN7k1u5JGKtzmlkrvjdLJhPYmnw5LHx6Ks+pCmsF
uiSFKFwtJduxT8u8jEkOXlFvrt4Zq7Ggs3YA4z9nkJ5JqkfqUEtLX++FPOryhmLI
WdqRX0ALyoE61ntAd7maueRikg17UjRDLOvnkZH2SNDokZOw5ozEUdlAe2GYs3a8
ya0wR7T7nxze4ezopgLU0XAWlLopNaaOcRSwvECKeF8EX/kVuilWPcJESrelGJBp
Ot1k68WUaE6O8dO+pERJrx14V1FazAELyMm5so7gRZl1/SaJMuM4CzvBRqcJdjyl
MtrAcRZuCpXFO+BXYgbMO8Zq1+J5gaVTOSy0pmz5SkGFlzu1jkSLJjBo1JLCZc6A
rOHSi7K+ptgsVrQeqveWuJDGGVJfgYa4exNtPbQ95j2HQanNTG42c9/JHlN6eRIQ
TcklFcQHOLujQ3u1bEFbtdo3l90Q3+oytHreYLiH5x1nBsyeS7tqT4XA4AYXyqmr
Rp/Nv+VRejEhvZPg/9/lNEci0IABdJ4Rr/n2zxGqabVki+EzsXXOLGy8KyM17HKy
bVxKof/8xGZAk8kZLlxe
=cPny
-----END PGP SIGNATURE-----
--- End Message ---
