Package: slang2 Version: 2.2.4-7 Followup-For: Bug #656128 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Dear Maintainer, The hardening flags were not enabled due to a typo in debian/rules. The following patch fixes that: diff -Nru slang2-2.2.4/debian/rules slang2-2.2.4/debian/rules --- slang2-2.2.4/debian/rules 2012-02-04 18:28:39.000000000 +0100 +++ slang2-2.2.4/debian/rules 2012-03-11 18:53:32.000000000 +0100 @@ -5,7 +5,7 @@ DEB_CFLAGS_MAINT_APPEND= -fno-strength-reduce -D_REENTRANT -D_XOPEN_SOURCE=500 `dpkg-buildflags --get CPPFLAGS` -PKG_EXPORT_BUILDFLAGS = 1 +DPKG_EXPORT_BUILDFLAGS = 1 include /usr/share/dpkg/buildflags.mk # Magic debhelper rule To check if all flags were correctly enabled you can use `hardening-check` from the hardening-includes package and check the build log (hardening-check doesn't catch everything): $ hardening-check /usr/bin/slsh /lib/x86_64-linux-gnu/libslang.so.2.2.4 /usr/lib/slang/v2/modules/zlib-module.so ... /usr/bin/slsh: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no not found! /lib/x86_64-linux-gnu/libslang.so.2.2.4: Position Independent Executable: no, regular shared library (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no not found! /usr/lib/slang/v2/modules/zlib-module.so: Position Independent Executable: no, regular shared library (ignored) Stack protected: no, not found! Fortify Source functions: unknown, no protectable libc functions used Read-only relocations: yes Immediate binding: no not found! ... (Position Independent Executable and Immediate binding is not enabled by default.) Use find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} + on the build result to check all files. Regards, Simon - -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJPXOmAAAoJEJL+/bfkTDL5Es8QAKlppqKz4Zq6MrX56YQus1+D P22pW7DN1U4f4lgD7wemGsiP5J/sX29gBioQWTVmE6cilwr2G/SIhmfTjii00KTo 80o9uFRfR7sE8OzuA2goNj1dM7zGR97+lR3DIgVU4PG9lIzC/EXwMhcXxbp3s/t4 +SsnkkRqtATihJc7dsQG5WjHiwCquMWm90wVl6FwxCLwf/jMCZnN3FWTXd2y5iyh 1gYFD8gi+AiP7ap6srpeyz2RcWq41WVhUQ0etd2op95VkYUSWWhZVuOnwkRl7gQN rBL4ygtLmW/1xkahSbWT7f88GNotb9liHwa21Z/mpl1d7SEieAgQ116vWeut0Uh+ 2x3ofoQsz/ezz0Cx4U+np/Exe/yXuusb0+gKb4dmWUSsvDD9tpE1l663eh9aAfIW H2OtNTbXf+C0r/91M0X0Di/bzfvKgEGEaO9MUmGMRnKfuMle1nE5FusgTeiAp3Ic KgmaUArfzObVm8hzNv8FtHx+fvVU7stxkladEnWZjr24q6yiu8AYLrOnPNEjcxvb rsf2bPM8OzpS0EY0LEDvahjapvsmqqycwojLGS52HU+laji6zkevFu9JSJwxZ2CY SBn943P6GyBWjnHdHD9qd43CpzKriXPRfYF3mY/5Y6F6H/DKWuk1v2I7nGFn3ayf LqN0JIgKTuh/Y3m0HaFe =WR5n -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org