On Sun, Jan 08, 2012 at 06:13:59PM +0100, Moritz Muehlenhoff wrote:
> Package: emacs23
> Version: 23.3+1-4
> Severity: important
> Tags: patch
>
> Hi Rob,
> Please enable hardened build flags through dpkg-buildflags.
>
> Patch attached. (dpkg-buildflags abides "noopt" from DEB_BUILD_OPTIONS)

I forgot to add that "-Wformat -Wformat-security -Werror=format-security" exposed missing format strings in movemail, for which I attach a patch.

Cheers,
Moritz

diff -aur emacs23-23.3+1.orig/lib-src/movemail.c emacs23-23.3+1/lib-src/movemail.c --- emacs23-23.3+1.orig/lib-src/movemail.c 2011-12-29 05:07:27.000000000 +0100 +++ emacs23-23.3+1/lib-src/movemail.c 2012-01-08 17:31:22.000000000 +0100 @@ -615,11 +615,11 @@ { fprintf (stderr, "movemail: "); if (s3) - fprintf (stderr, s1, s2, s3); + fprintf (stderr, "%s%s%s", s1, s2, s3); else if (s2) - fprintf (stderr, s1, s2); + fprintf (stderr, "%s%s", s1, s2); else - fprintf (stderr, s1); + fprintf (stderr, "%s", s1); fprintf (stderr, "\n"); } Nur in emacs23-23.3+1/lib-src: movemail.c~.
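
Review bot: In the three replaced fprintf calls, s1 stops being the format string, which changes the output wherever a caller relies on it: the removed line `fprintf (stderr, s1, s2, s3);` passes s2 and s3 as arguments to the conversions in s1, whereas `fprintf (stderr, "%s%s%s", s1, s2, s3);` prints any `%s` in s1 literally and appends s2 and s3 after it. The callers are not visible in this hunk, so check whether they pass templates in s1; if they do, it would be better to keep s1 as the format, make sure every caller passes a string literal there, and declare the function with a printf format attribute so that -Wformat-security checks the call sites instead. The trailing "Nur in ... movemail.c~" line also shows an editor backup file left in the patched tree, which should be removed before building.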