Hi Guillem,

gcc-6/6.2.0-7 has just been uploaded with the changed defaults.
The list of architectures is a bit different than the one in the attaches patch.
The updated list is:
amd64 arm64 armel armhf i386 mips mipsel mips64el ppc64el s390x

Cheers,
Balint

2016-09-07 0:48 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>:
> Hi Guillem,
>
> I'm rebuilding all packages failed with the original patch and a good share
> does compile with the following additional patches.
>
> I would have preferred only the original patch, but apparently this is
> our best chance for enabling PIE for the archive.
>
> I'll start filing bugs for for the packages still failing to build.
>
> Cheers,
> Balint
>
> 2016-09-04 3:03 GMT+02:00 Balint Reczey <bal...@balintreczey.hu>:
>> Hi Guillem,
>>
>> Many packages fail to build due to gcc ... -shared -no-pie ... failing.
>> I have reported the issue to GCC but they don't seem to fix that:
>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
>>
>> The proposed workarounds don't seem to be viable in Debian thus I
>> propose making the -pie dpkg hardening flag a noop instead of passing
>> -no-pie and friends as compiler/ flags like in the proposed patch.
>> This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>>
>> What do you think?
>>
>> Cheers,
>> Balint
>>
>> On Tue, 23 Aug 2016 00:29:00 +0200 Balint Reczey
>> <bal...@balintreczey.hu> wrote:
>>> Package: dpkg
>>> Version: 1.18.10
>>> Severity: wishlist
>>> Tags: patch moreinfo
>>>
>>> Dear Guillem,
>>>
>>> As a continuation of the discussions [1][2] on debian-devel I'm
>>> attaching the simple patch that changes dpkg's pie hardening flag
>>> to adapt to GCC's new default settings proposed in #835148.
>>>
>>> I'm continuing with the rebuild/autopkgtest tests according to
>>> the Dpkg FAQ, hence the moreinfo tag.
>>>
>>> Cheers,
>>> Balint
>>>
>>> [1] https://lists.debian.org/debian-devel/2016/05/msg00228.html
>>> [2] https://lists.debian.org/debian-devel/2016/08/msg00324.html
>>>

Reply via email to