On Fri, Mar 01, 2013 at 04:08:18PM -0800, Russ Allbery wrote: > At this point in the release process, I really think upgrading with > _FORTIFY_SOURCE disabled is the correct fix. Just increasing a buffer > size is usually not a good idea; that's the sort of change that can paper > over a deeper problem without actually solving it, just temporarily hiding > it. At the least, I think it would require more testing than we would be > able to do at this point. > > My recommendation is to apply the change suggested in the bug log to > disable _FORTIFY_SOURCE for the wheezy release, and then, post-wheezy, > upload the package with _FORTIFY_SOURCE enabled and possibly with the > buffer size increased (maybe after discussion with upstream).
I agree, pd isn't security-sensitive anyway. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org