Your message dated Wed, 15 Jan 2025 15:23:28 +0000
with message-id <[email protected]>
and subject line Bug#1091671: fixed in liboprf 0.6.1-1
has caused the Debian Bug report #1091671,
regarding liboprf: unconditionally sets FORTIFY_SOURCE=2 flag
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1091671: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091671
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: liboprf
Version: 0.4.0-1
Severity: normal
Tags: patch
Hello, looks like the code is setting FORTIFY_SOURCE=2 directly from makefile,
not allowing to override
it from outside.
This is a build issue when people defaults e.g. to 3, something already done by
some distros, e.g. Ubuntu.
I took the liberty to patch the code and commit the patch on git
Description: Don't force fortify_source, we default to 3 in some architectures
Author: Gianfranco Costamagna <[email protected]>
Last-Update: 2024-12-11
--- liboprf-0.4.0.orig/src/noise_xk/example/makefile
+++ liboprf-0.4.0/src/noise_xk/example/makefile
@@ -6,7 +6,7 @@ CFLAGS += -I../.. -I../include -I ../in
-Wno-unknown-warning-option
-Wno-unused-but-set-variable \
-Wno-unused-parameter -Wno-infinite-recursion
-fPIC \
-g -fwrapv -D_BSD_SOURCE -D_DEFAULT_SOURCE
-DWITH_SODIUM \
- -O2 -fstack-protector-strong
-D_FORTIFY_SOURCE=2 \
+ -O2 -fstack-protector-strong \
-fasynchronous-unwind-tables -fpic
-Werror=format-security \
-Werror=implicit-function-declaration
-Wl,-z,defs -Wl,-z,relro \
-ftrapv -Wl,-z,noexecstack
--- liboprf-0.4.0.orig/src/noise_xk/makefile
+++ liboprf-0.4.0/src/noise_xk/makefile
@@ -7,7 +7,7 @@ CFLAGS += -Iinclude -I include/karmel -
-Wno-unknown-warning-option
-Wno-unused-but-set-variable \
-Wno-unused-parameter -Wno-infinite-recursion
-fpic \
-g -fwrapv -D_BSD_SOURCE -D_DEFAULT_SOURCE
-DWITH_SODIUM \
- -O2 -fstack-protector-strong
-D_FORTIFY_SOURCE=2 \
+ -O2 -fstack-protector-strong \
-fasynchronous-unwind-tables -fpic \
-Werror=format-security
-Werror=implicit-function-declaration \
-ftrapv
Thanks,
Gianfranco
--- End Message ---
--- Begin Message ---
Source: liboprf
Source-Version: 0.6.1-1
Done: Joost van Baal-Ilić <[email protected]>
We believe that the bug you reported is fixed in the latest version of
liboprf, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joost van Baal-Ilić <[email protected]> (supplier of updated liboprf package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 15 Jan 2025 07:23:06 +0100
Source: liboprf
Architecture: source
Version: 0.6.1-1
Distribution: unstable
Urgency: medium
Maintainer: Joost van Baal-Ilić <[email protected]>
Changed-By: Joost van Baal-Ilić <[email protected]>
Closes: 1091671
Changes:
liboprf (0.6.1-1) unstable; urgency=medium
.
* New upstream, shipped Jan 13, 2025:
- [fix] make noise_xk makefile cflags ?= not += for packagers
This should finally fix "unconditionally sets FORTIFY_SOURCE=2 flag".
Thanks to Gianfranco Costamagna and Gui-Yue. Closes: #1091671
.
* d/rules: add a bunch of paths to -I in CFLAGS: deal with
src/noise_xk/makefile and src/noise_xk/example/makefile.
Checksums-Sha1:
0c3a37aaae05e00f10aa273244e473154b3c05f7 2099 liboprf_0.6.1-1.dsc
658f8756ab414926b1ab5b3468031ab4fba940ff 123220 liboprf_0.6.1.orig.tar.gz
6bc513aeab4136771c1fae2dd439d6a1bd3cf3d2 7096 liboprf_0.6.1-1.debian.tar.xz
0df8dc14e90d53a72380e92a2dfcc633d11fcdf5 6946 liboprf_0.6.1-1_source.buildinfo
Checksums-Sha256:
3e3a113661d4eca03900a20d254d06cc53ba377cc20522e84a87f35e0cc2cb46 2099
liboprf_0.6.1-1.dsc
b1ff846b3a4d758cff931348f9f533f08a0bb4e609a5d089c50c09077502abfc 123220
liboprf_0.6.1.orig.tar.gz
394c0419f92800cd6209411214e6f98ca93c5995bad947c00bdec3e01acdb0dd 7096
liboprf_0.6.1-1.debian.tar.xz
afbbbc0d3926ff427156210865805336979104a21fca59f1d142e6286f55aa35 6946
liboprf_0.6.1-1_source.buildinfo
Files:
1c4c462ee8a4a3d256125b1d7638584a 2099 utils optional liboprf_0.6.1-1.dsc
5baea7ecd13f66d6672016429f83fc04 123220 utils optional
liboprf_0.6.1.orig.tar.gz
0125a55a6f823800f56bab80093755cd 7096 utils optional
liboprf_0.6.1-1.debian.tar.xz
7357bb8d99e08a0ab5d2214dade1886c 6946 utils optional
liboprf_0.6.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEkqrZAbIbS8eaR6AwVPGmYxdIZxMFAmeHySwACgkQVPGmYxdI
ZxPv8hAAtxJjtqXIFpgTr7cidsdx+DTYgAEtEzWPu+ifNFoOw7nKVD1XODV5oWF/
moYKPh0pnRxjMu8ysQsKttcy7b+T2SGhxRgiSiVE/q4SNMV5BHE8BAUV1oi1xGsj
GZlzlVAj/MvsgAIku+Z66R+G8pZk5znzaAiegMD4Viw1vLST7oOQfaGEktytlJqG
H4Q18IebaksxGDJWA5lYEQC+FIUpt17tw71B96xuVTybU6mqx99a6RtdCvmgL4zb
wMasyDtSnOM0jpdUPmZaWixCN26CcLBwjE6dQ4AN3cvfuk+bsjMZwKw85tRmvcKR
jzLf1xGgy6sRvYgCtd4DaJNw0kZmiFi0Ii7cU7xvqpnpo+cwRAf4xW0/01GHdLoQ
jqvDIUG7LfX9suCUgcGXUnDbB8LSj3fM/gz0LzWhllGIjZ+OaBNliIWxnrQZqqf/
1GvFskpxMssId1vJqjwFpAFYQ4XJ9K1B108ULXqZmGo+QWQIIXAnuOF5oVOjsJpo
ZALe8c6RXW0S6tn13Azwj5Uwk4aYWSNRbnEy3bDYDuynsr0SU2qFdux4bwEw2rEZ
BzY7bNMNsuGmGw9O4KG2IzbDvAVzGu0pyGgVHAA6t8YYgI3MJ9y0+yrEJFeQRLZF
2v4+wJoSfWH+mfZwLIcyRf/P09D7kv22NzUDyPFAlUXsJLCDf+E=
=umaC
-----END PGP SIGNATURE-----
pgp3IF3njNO5j.pgp
Description: PGP signature
--- End Message ---
