Source: libclamunrar Version: 0.96.4-1 Severity: normal Tags: patch User: hardening-disc...@lists.alioth.debian.org Usertags: goal-hardening
Hi, Please consider applying the attached patch that enables the default set of hardening buildflags. It would also be nice to enable verbose build logs so you can see which flags are actually passed to the compiler/linker. Passing V=1 to make does that. Cheers, Felix
diff -u libclamunrar-0.96.4/debian/rules libclamunrar-0.96.4/debian/rules --- libclamunrar-0.96.4/debian/rules +++ libclamunrar-0.96.4/debian/rules @@ -42,7 +42,8 @@ cp -f /usr/share/misc/config.guess config.guess endif chmod a+x configure - ./configure $(CROSS) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info CFLAGS="$(CFLAGS)" LDFLAGS="-Wl,-z,defs" --disable-clamav + ./configure $(CROSS) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --disable-clamav \ + $(shell DEB_LDFLAGS_MAINT_APPEND="-Wl,-z,defs" dpkg-buildflags --export=configure) build: build-stamp