Your message dated Sun, 13 Dec 2015 22:13:17 +0000 with message-id <e1a8etj-00045l...@franck.debian.org> and subject line Bug#801597: fixed in hardening-wrapper 2.8+nmu1 has caused the Debian Bug report #801597, regarding PIE and stack protection appear missing since update to GCC-5 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 801597: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801597 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: hardening-wrapper Version: 2.7 Severity: important It appears that the behavior of hardening-wrapper has changed recently, and now PIE and stack protection are missing. mumble got a binNMU for the GCC-5 upgrade relating to library transitions for protobuf and zeroc-ice after which these protections were missing where they had them before the binNMU. Looking at the snapshot: http://snapshot.debian.org/archive/debian/20141110T040546Z/pool/main/m/mumble/mumble_1.2.8-2_amd64.deb mumble_1.2.8-2_amd64 hardening check: Position Independent Executable: yes Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes Looking at Sid: http://ftp.us.debian.org/debian/pool/main/m/mumble/mumble_1.2.8-2+b1_amd64.deb mumble_1.2.8-2+b1_amd64 hardening check: Position Independent Executable: no, normal executable! Stack protected: no, not found! Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes Reporting this as these are unexpected differences. Also: is hardening-wrapper being deprecated? I ask because lintian is reporting it as such. (See #711193) Thanks. -- Chris Chris Knadle chris.kna...@coredump.us -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---Source: hardening-wrapper Source-Version: 2.8+nmu1 We believe that the bug you reported is fixed in the latest version of hardening-wrapper, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 801...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Klose <d...@debian.org> (supplier of updated hardening-wrapper package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Dec 2015 21:48:47 +0100 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source all amd64 Version: 2.8+nmu1 Distribution: unstable Urgency: medium Maintainer: Package Hardening <hardening-disc...@lists.alioth.debian.org> Changed-By: Matthias Klose <d...@debian.org> Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 801597 802579 Changes: hardening-wrapper (2.8+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Upload as 2.8+nmu1 (binutils already has a conflict against << 2.8, the assumption that 2.8 would be uploaded in time didn't go well). * Install diversions for GCC 5 and GCC 6. Closes: #801597. * Divert the host_alias prefixed ld binaries instead of the unprefixed binaries. Closes: #802579. * Build-depend on binutils (>= 2.25.90). Checksums-Sha1: bd69b2ba7d50cecda788107af50fb3f31a495ed2 1839 hardening-wrapper_2.8+nmu1.dsc 05f2533761dbb646f93ca0ae36cc08ee47996cf8 20004 hardening-wrapper_2.8+nmu1.tar.xz 84dedf00abfa56c5abdd48309a294b522ec05655 17646 hardening-includes_2.8+nmu1_all.deb 6c1106ed3713f92cc78da62825ba60a65b46ecea 14444 hardening-wrapper_2.8+nmu1_amd64.deb Checksums-Sha256: 9b701786af84a645ab38ddb32e5c80f49bdcbdf69e93f73f78f5c34c4a7b2065 1839 hardening-wrapper_2.8+nmu1.dsc c7b630df59052b774163e61aeb80e718a4503071a891e84208716e0be11ea7e6 20004 hardening-wrapper_2.8+nmu1.tar.xz 92d14f2d85dba5263842e97443c6038aa632b7aceecc4057c4d2a4e59f870184 17646 hardening-includes_2.8+nmu1_all.deb 3201848be5c920a0ab211543ec799b4cd30d72f2e86f477276ec8919380fcbd4 14444 hardening-wrapper_2.8+nmu1_amd64.deb Files: e7b68f562e41ef2e0c5979aaee378796 1839 devel optional hardening-wrapper_2.8+nmu1.dsc e435386fe4a28c8d77b97a01f303360b 20004 devel optional hardening-wrapper_2.8+nmu1.tar.xz ac9c3a3f8f99aa52665e0b5edf39d3bb 17646 devel optional hardening-includes_2.8+nmu1_all.deb 9d4424e87cd51a1752c0324841651904 14444 devel optional hardening-wrapper_2.8+nmu1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWbeHdAAoJEL1+qmB3j6b1LH4P+wd8Mm2NrOC2XtQWcr4dvS+K DiqoHwwCvzCfIflXvg8xJ+dP/GAlHf6e9GQlTKE80Mf8Ggd8D0g4nOILKK6wBhjw Sl5l3ouQy/wyBa3r/n1nN5ehtaziII02AFwV0IK6N72tWMT2eYrBUJZdBB6E3/ME FkqMr55lWGE4p4sxcvbaDeeJd1l6W+0u1t2u1ZSwB7B1as+zMx5F0sRhp0gR9c2e aRxI2NAcJ3ouKcqjZMuhhLeAiyIaEYpynTnQzphl0nr5zo3wsl02eWCsNAM7TuS4 NV/hpMn0I/KCVQMJdf+mGEEtCslD04P3zasvFjTGhTPJnogKnr/QBmmzkNzSC6ee TCVFwskDBNRW4ZGIWFAR2rfMvRv/HuxHb3P5b7YUnaM0J2ZyQ0CPj6v6eCQMtE5c ug7bGKH+t+dZSleEOipOigdNnaX/hAzphBoLnZNvE0D9CNka3Xtu1zr7KgBZPo2h 74qXXilZr1ROQBnVtwTkrhsJCkGfVM1dQ1sKHDX4V9LfbCckWP8TxEBBYciiCYlj DxCbBIucWU+AAALq9auYIbRx5k3L0BNuhnBpkW8ISK8N7n7zIXzIAyUY6Vu83ecM AoGGj+LiRrrzLIhIuJMuyh6rUo8/nVf34YM38+xd4rfTM4UqkJR9qdAFOC071lks IW7Uw0+KI659UTX9nTAb =7LpC -----END PGP SIGNATURE-----
--- End Message ---
