I had a look at this, but am unsure where in the lintian code it is best to implement such change. It would be useful with some input from the Lintian developers on this. The issue is still relevant, even though the latest ming compiler changed its default, making rebuilds solve the issue. Here is the state from a rebuilt gzip-win32 and the version in the archive:
% pesec gzip-1.6/debian/gzip-win32/usr/share/win32/gzip.exe ASLR: yes DEP/NX: yes SEH: yes Stack cookies (EXPERIMENTAL): yes % pesec /usr/share/win32/gzip.exe ASLR: no DEP/NX: no SEH: yes Stack cookies (EXPERIMENTAL): yes % file --mime-type /usr/share/win32/gzip.exe /usr/share/win32/gzip.exe: application/x-dosexec % file /usr/share/win32/gzip.exe /usr/share/win32/gzip.exe: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows % The lintian check should run pesec on all Windows binaries and warn if any of the security features are turned off. -- Happy hacking Petter Reinholdtsen
