Package: lintian Version: 2.5.10.1 Severity: normal Hi,
consider the following (guitarix 0.24.0-1 is in experimental): $ lintian -i guitarix_0.24.0-1_i386.changes W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix.so N: N: This package provides an ELF binary that lacks the use of fortified libc N: functions. Either there are no potentially unfortified functions called N: by any routines, all unfortified calls have already been fully validated N: at compile-time, or the package was not built with the default Debian N: compiler flags defined by dpkg-buildflags. If built using N: dpkg-buildflags directly, be sure to import CPPFLAGS. N: N: NB: Due to false-positives, Lintian ignores some unprotected functions N: (e.g. memcpy). N: N: Refer to http://wiki.debian.org/Hardening and N: http://bugs.debian.org/673112 for details. N: N: Severity: normal, Certainty: possible N: N: Check: binaries, Type: binary, udeb N: W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_IR.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_amp.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_compressor.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_crybaby.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_distortion.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_echo.so W: guitarix: hardening-no-fortify-functions usr/lib/ladspa/guitarix_freeverb.so I already sorted out similar issues with upstream to correctly pass the correct dpkg-buildflags to the build. But the above is still present, even though it looks like everything (especially CPPFLAGS) is passed correctly. See also the build log at https://buildd.debian.org/status/fetch.php?pkg=guitarix&arch=amd64&ver=0.24.0-1&stamp=1345247045 Maybe this is a false positive? Thanks in advance, Roland -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages lintian depends on: ii binutils 2.22-7.1 ii bzip2 1.0.6-3 ii diffstat 1.55-3 ii file 5.11-2 ii gettext 0.18.1.1-9 ii hardening-includes 2.2 ii intltool-debian 0.35.0+20060710.1 ii libapt-pkg-perl 0.1.26+b1 ii libarchive-zip-perl 1.30-6 ii libc-bin 2.13-35 ii libclass-accessor-perl 0.34-1 ii libclone-perl 0.31-1+b2 ii libdpkg-perl 1.16.8 ii libemail-valid-perl 0.190-1 ii libipc-run-perl 0.91-1 ii libparse-debianchangelog-perl 1.2.0-1 ii libtimedate-perl 1.2000-1 ii liburi-perl 1.60-1 ii locales 2.13-35 ii man-db 2.6.2-1 ii patchutils 0.3.2-1.1 ii perl [libdigest-sha-perl] 5.14.2-12 lintian recommends no packages. Versions of packages lintian suggests: pn binutils-multiarch <none> ii dpkg-dev 1.16.8 ii libhtml-parser-perl 3.69-2 pn libperlio-gzip-perl <none> ii libtext-template-perl 1.45-2 ii lzma 9.22-2 ii man-db 2.6.2-1 ii xz-utils [lzma] 5.1.1alpha+20120614-1 -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/20120819114743.9309.92804.reportbug@newk
