Package: slang2
Version: 2.2.4-7
Followup-For: Bug #656128
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear Maintainer,
The hardening flags were not enabled due to a typo in
debian/rules.
The following patch fixes that:
diff -Nru slang2-2.2.4/debian/rules slang2-2.2.4/debian/rules
--- slang2-2.2.4/debian/rules 2012-02-04 18:28:39.000000000 +0100
+++ slang2-2.2.4/debian/rules 2012-03-11 18:53:32.000000000 +0100
@@ -5,7 +5,7 @@
DEB_CFLAGS_MAINT_APPEND= -fno-strength-reduce -D_REENTRANT
-D_XOPEN_SOURCE=500 `dpkg-buildflags --get CPPFLAGS`
-PKG_EXPORT_BUILDFLAGS = 1
+DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
# Magic debhelper rule
To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (hardening-check doesn't catch everything):
$ hardening-check /usr/bin/slsh /lib/x86_64-linux-gnu/libslang.so.2.2.4
/usr/lib/slang/v2/modules/zlib-module.so ...
/usr/bin/slsh:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no not found!
/lib/x86_64-linux-gnu/libslang.so.2.2.4:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no not found!
/usr/lib/slang/v2/modules/zlib-module.so:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: no, not found!
Fortify Source functions: unknown, no protectable libc functions used
Read-only relocations: yes
Immediate binding: no not found!
...
(Position Independent Executable and Immediate binding is not
enabled by default.)
Use find -type f \( -executable -o -name \*.so\* \) -exec
hardening-check {} + on the build result to check all files.
Regards,
Simon
- -- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJPXOmAAAoJEJL+/bfkTDL5Es8QAKlppqKz4Zq6MrX56YQus1+D
P22pW7DN1U4f4lgD7wemGsiP5J/sX29gBioQWTVmE6cilwr2G/SIhmfTjii00KTo
80o9uFRfR7sE8OzuA2goNj1dM7zGR97+lR3DIgVU4PG9lIzC/EXwMhcXxbp3s/t4
+SsnkkRqtATihJc7dsQG5WjHiwCquMWm90wVl6FwxCLwf/jMCZnN3FWTXd2y5iyh
1gYFD8gi+AiP7ap6srpeyz2RcWq41WVhUQ0etd2op95VkYUSWWhZVuOnwkRl7gQN
rBL4ygtLmW/1xkahSbWT7f88GNotb9liHwa21Z/mpl1d7SEieAgQ116vWeut0Uh+
2x3ofoQsz/ezz0Cx4U+np/Exe/yXuusb0+gKb4dmWUSsvDD9tpE1l663eh9aAfIW
H2OtNTbXf+C0r/91M0X0Di/bzfvKgEGEaO9MUmGMRnKfuMle1nE5FusgTeiAp3Ic
KgmaUArfzObVm8hzNv8FtHx+fvVU7stxkladEnWZjr24q6yiu8AYLrOnPNEjcxvb
rsf2bPM8OzpS0EY0LEDvahjapvsmqqycwojLGS52HU+laji6zkevFu9JSJwxZ2CY
SBn943P6GyBWjnHdHD9qd43CpzKriXPRfYF3mY/5Y6F6H/DKWuk1v2I7nGFn3ayf
LqN0JIgKTuh/Y3m0HaFe
=WR5n
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
