tag 489771 pending
thanks
Hello,
Bug #489771 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=dpkg/dpkg.git;a=commitdiff;h=f3bb7d4
---
commit f3bb7d4939ae95cf44c89e8f599e7ed5da431e57
Author: Raphaël Hertzog <[email protected]>
Date: Wed Jul 27 22:10:49 2011 +0200
dpkg-buildflags: emit hardening build flags by default
All the hardening build flags supported by hardening-includes
are supported except that PIE is not enabled by default (just like
the corresponding gcc patch doesn't enable it by default).
Inspired by the work of Kees Cook <[email protected]>.
diff --git a/debian/changelog b/debian/changelog
index 06d7dbb..977d27d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -102,6 +102,9 @@ dpkg (1.16.1) UNRELEASED; urgency=low
* Fix dpkg's handling of a hardlink pointing to a conffile. Closes: #638291
* Add example of extend-diff-ignore's usage in dpkg-source(1).
Closes: #640198
+ * dpkg-buildflags now returns hardening flags by default. Closes: #489771
+ They can be individually enabled/disabled via DEB_BUILD_MAINT_OPTIONS,
+ see dpkg-buildflags(1). Thanks to Kees Cook for his help.
[ Guillem Jover ]
* Install deb-src-control(5) man pages in dpkg-dev. Closes: #620520
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
