Package: evolution
Version: 3.2.2-1
Followup-For: Bug #662981
tag 662981 + patch security
thanks
In fact the current debian/rules is sourcing
/usr/share/hardening-includes/hardening.make but never updating the CFLAGS &
LDFLAGS.
You might prever this version of the patch (what ubuntu is doing) as it
preserves the other flags.
$hardening-check /usr/bin/evolution
/usr/bin/evolution:
Position Independent Executable: yes
Stack protected: no, not found!
Fortify Source functions: unknown, no protectable libc functions used
Read-only relocations: yes
Immediate binding: yes
--- evolution-3.2.2.orig/debian/rules 2012-03-08 10:09:42.544912667 +0000
+++ evolution-3.2.2/debian/rules 2012-03-08 10:09:55.916912301 +0000
@@ -17,10 +17,14 @@
DEB_DH_MAKESHLIBS_ARGS_evolution += -V
DEB_DH_MAKESHLIBS_ARGS_ALL += --noscripts -X $(ELIBDIR)/plugins
-export DEB_LDFLAGS_MAINT_APPEND=-Wl,-z,defs -Wl,--as-needed -Wl,-O1
-export DEB_BUILD_MAINT_OPTIONS=hardening=+pie,+bindnow
+LDFLAGS=$(shell dpkg-buildflags --get LDFLAGS)
+CFLAGS=$(shell dpkg-buildflags --get CFLAGS)
+CFLAGS += $(HARDENING_CFLAGS)
+LDFLAGS+=-Wl,-z,defs -Wl,-O1 -Wl,--as-needed $(HARDENING_LDFLAGS)
-DEB_REVISION := $(shell echo $(DEB_VERSION) | awk -F- '{ print $$NF }')
+export CFLAGS LDFLAGS
+
+DEB_REVISION := $(shell echo $(DEB_VERSION) | awk -F- '{ print $NF }')
DEB_CONFIGURE_EXTRA_FLAGS += \
--with-openldap \
