Your message dated Sat, 27 Jan 2018 23:19:47 +0000 with message-id <[email protected]> and subject line Bug#872740: fixed in libgfshare 2.0.0-4 has caused the Debian Bug report #872740, regarding libgfshare: please add bindnow hardening to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 872740: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872740 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Source: libgfshare Version: 2.0.0-2 Severity: wishlist Tags: patch Hi, gfshare package ships binaries that lack the "bindnow" linker flag which makes the Global Offset Table fully read-only. The bindnow feature trades startup time for improved security which seems sensible for libgfshare. Patch attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` [email protected] / chris-lamb.co.uk `-diff --git a/debian/rules b/debian/rules index c037ef8..77ac39f 100755 --- a/debian/rules +++ b/debian/rules @@ -1,5 +1,9 @@ #!/usr/bin/make -f +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +DPKG_EXPORT_BUILDFLAGS = 1 + include /usr/share/dpkg/default.mk ifneq ($(SOURCE_DATE_EPOCH),)
--- End Message ---
--- Begin Message ---Source: libgfshare Source-Version: 2.0.0-4 We believe that the bug you reported is fixed in the latest version of libgfshare, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie <[email protected]> (supplier of updated libgfshare package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 27 Jan 2018 21:53:35 +0000 Source: libgfshare Binary: libgfshare-bin libgfshare-dev libgfshare2 Architecture: source Version: 2.0.0-4 Distribution: unstable Urgency: medium Maintainer: Simon McVittie <[email protected]> Changed-By: Simon McVittie <[email protected]> Description: libgfshare-bin - utilities for multi-way secret-sharing libgfshare-dev - library for multi-way secret-sharing (headers) libgfshare2 - library for multi-way secret-sharing Closes: 872739 872740 Changes: libgfshare (2.0.0-4) unstable; urgency=medium . [ Simon McVittie ] * Move packaging to salsa.debian.org * Change Homepage and Source to gitano since the original website has gone away * Declare Debian Policy 4.1.3 compliance . [ Chris Lamb ] * Add support for nodoc build profile (Closes: #872739) * Build with all available compiler hardening (Closes: #872740) Checksums-Sha1: 5d858afe34c061bd10703023243bac414ce9e8cc 2180 libgfshare_2.0.0-4.dsc cf41c1db1b9b89b5c29ea2bded8bcb7defcd202c 6060 libgfshare_2.0.0-4.debian.tar.xz d5ece498a509edaa3216f23f6b52a97e23edca8f 7525 libgfshare_2.0.0-4_source.buildinfo Checksums-Sha256: 9c59fcea83155aaa443f0466f439eda6f9d7e6b84545857dcc40c65e70a9e6c4 2180 libgfshare_2.0.0-4.dsc 1b90830b38677d6c21240914545dedbd217a012a6f27876e4832880f53650942 6060 libgfshare_2.0.0-4.debian.tar.xz 48ade61b086b69cad2e95fff855c866047669e21fe3225e9d345eabf8a161ac4 7525 libgfshare_2.0.0-4_source.buildinfo Files: b524b37be787f13bed8f9d393a9e01f9 2180 devel optional libgfshare_2.0.0-4.dsc a6e0eede01363c9c9a428ec7b3390a3b 6060 devel optional libgfshare_2.0.0-4.debian.tar.xz 7db3ab3f3ed66220ef4f9ae546b4128d 7525 devel optional libgfshare_2.0.0-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAlptBgYACgkQ4FrhR4+B TE+fvxAAqWLPuczcWbxGhA+ewWDGYHnNBoi+wDsfiEEUf1wd1U7xHvUsLSsQBANt STUZHvfsjpQTTFp4x0AtHNyYJZgzwv//xkrvsaNk3bxe10tFxwGN1GiBBY3usoTr 3xPYMo4Bd9Y/TsWycHsMzPTQFzBxL8hCWVODzqfg8Kd7BPS0VrM/JPKJlPBNF7mc adf8QTJk3jWH24+56kkVnK6P3oE8QBlagrbLEqyx7iCHyVacqfPpXcZ6fd7mWsVT OKpeuFSHQGoBCcUui+6JinrOTDLCgVzcnPlHN9JDv80bIir0K/suXg3VK03Wep9r j5RWjFLWWWP2PiSbfIBsHg2GsdYYMZ0Zo+bs5w0Y8zyyr6oAjvvfvrjWcfwmzcqq FuTtjBRJefpIM7esPyuGqns8W06rmYO2976atDXUyBwQ/aN5mj7/d0QE2vffOZ9o b4e0Tig1c8RON/CZnabQxfBtIducpB6cGQkwMOHoGR9kcEHkQZVx5MUXc3Vqzkgj H6r9l0pEKWXjrV4LCdtGZBa2ptrftClrlLtDojl1oOj6uQD1bhEBiV0oZerRbp64 PANkROCHisg7guVOQ2mb5aHNksEH7LlC0oSx95aQXu4jgHQ9r/UxghJasKvG/5if 7qvxuIC0tX9EJ1U7aA11nj7G+reYmhcn+SJf8zPQ2uOOWfYMiGA= =GK1Z -----END PGP SIGNATURE-----
--- End Message ---
