Source: gnomad2
Version: 2.9.6-2
Severity: normal
User: [email protected]
Usertags: hardening-format-security hardening

The package gnomad2 fails to compile with the new hardened compiler
flags that dpkg-buildflags outputs [0].
The problematic flag is: -Werror=format-security
See the Ubuntu build log:
https://launchpadlibrarian.net/83136722/buildlog_ubuntu-precise-i386.gnomad2_2.9.6-2_FAILEDTOBUILD.txt.gz
Snippet:
gcc -DPACKAGE_NAME=\"gnomad2\" -DPACKAGE_TARNAME=\"gnomad2\"
-DPACKAGE_VERSION=\"2.9.6\" -DPACKAGE_STRING=\"gnomad2\ 2.9.6\"
-DPACKAGE_BUGREPORT=\"[email protected]\" -DPACKAGE_URL=\"\"
-DPACKAGE=\"gnomad2\" -DVERSION=\"2.9.6\" -DSTDC_HEADERS=1
-DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1
-DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_TAGLIB=1
-DHAVE_LIBMTP=1 -DHAVE_LIBMTP_030=1 -DHAVE_GUDEV=1
-DGETTEXT_PACKAGE=\"gnomad2\" -DHAVE_LOCALE_H=1 -DHAVE_LC_MESSAGES=1
-DHAVE_BIND_TEXTDOMAIN_CODESET=1 -DHAVE_GETTEXT=1 -DHAVE_DCGETTEXT=1
-DENABLE_NLS=1 -DGNOMADLOCALEDIR=\"/usr/share/locale\" -DHAVE_DIRENT_H=1
-DSTDC_HEADERS=1 -DHAVE_MALLOC_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1
-DHAVE_FCNTL_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_CHDIR=1 -I. -pthread
-I/usr/include/gtk-2.0 -I/usr/lib/x86_64-linux-gnu/gtk-2.0/include
-I/usr/include/atk-1.0 -I/usr/include/gdk-pixbuf-2.0
-I/usr/include/pango-1.0 -I/usr/include/pixman-1
-I/usr/include/freetype2 -I/usr/include/libpng12 -I/usr/include/glib-2.0
-I/usr/lib/glib-2.0/include -I/usr/include/cairo
-I/usr/include/gio-unix-2.0/ -I/usr/include/taglib -pthread
-I/usr/include/gudev-1.0 -I/usr/include/glib-2.0
-I/usr/lib/glib-2.0/include -DPREFIX=\"/usr\" -DSYSCONFDIR=\"/etc\"
-DDATADIR=\"/usr/share\" -DLIBDIR=\"/usr/lib\"
-DPIXMAPSDIR=\""/usr/share/pixmaps"\"  -D_FORTIFY_SOURCE=2  -g -O2
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -DGTK_DISABLE_SINGLE_INCLUDES
-DG_DISABLE_SINGLE_INCLUDES -c editmeta.c
util.c: In function 'create_error_dialog':
util.c:213:8: error: format not a string literal and no format arguments
[-Werror=format-security]
util.c: In function 'request_confirmation_dialog':
util.c:237:8: error: format not a string literal and no format arguments
[-Werror=format-security]
cc1: some warnings being treated as errors

The build flags are not exported in Debian, but can be enabled, e.g., by
adding this to debian/rules:

 DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/buildflags.mk

Please fix the issues and maybe also enable the hardened build in Debian.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
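
An added example, not part of the original report and not gnomad2's code: the call pattern that -Werror=format-security rejects, next to the usual fix of passing the message as data to a constant "%s" format. The contents of util.c are not shown in the report, so dialog_text() and both error_text_* functions are hypothetical stand-ins for a printf-style dialog call; building with -Wformat -Werror=format-security -DSHOW_REJECTED_FORM reproduces the error text from the build log.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style dialog constructor. The format
 * attribute makes gcc apply -Wformat-security to every call site. */
__attribute__((format(printf, 3, 4)))
static int dialog_text(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n; /* length the full text needs, excluding the NUL */
}

#ifdef SHOW_REJECTED_FORM
/* Rejected form: the message itself is the format string, so any '%' in it
 * is parsed as a conversion that has no matching argument. */
static int error_text_rejected(char *out, size_t outlen, const char *msg)
{
    return dialog_text(out, outlen, msg);
}
#endif

/* Accepted form: constant format string, message passed as an argument. */
static int error_text_fixed(char *out, size_t outlen, const char *msg)
{
    return dialog_text(out, outlen, "%s", msg);
}

int main(void)
{
    char buf[64];
    /* Constructed message containing conversion characters. */
    error_text_fixed(buf, sizeof buf, "Could not copy \"100%s.mp3\"");
    puts(buf); /* the '%s' is shown literally, not interpreted */
    return 0;
}
```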






