Your message dated Tue, 22 May 2012 08:54:05 +0000 with message-id <e1swkqz-0002sm...@franck.debian.org> and subject line Bug#669182: fixed in gtk2-engines-oxygen 1.2.4-1 has caused the Debian Bug report #669182, regarding gtk2-engines-oxygen: LDFLAGS hardening flags missing to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 669182: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669182 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: gtk2-engines-oxygen Version: 1.2.2-1 Severity: normal Tags: patch Dear Maintainer, The LDFLAGS hardening flags are missing because they are overwritten in debian/rules. For more hardening information please have a look at [1], [2] and [3]. The following patch fixes the issue. diff -Nru gtk2-engines-oxygen-1.2.2/debian/rules gtk2-engines-oxygen-1.2.2/debian/rules --- gtk2-engines-oxygen-1.2.2/debian/rules 2012-01-21 20:09:29.000000000 +0100 +++ gtk2-engines-oxygen-1.2.2/debian/rules 2012-04-15 18:54:39.000000000 +0200 @@ -7,9 +7,9 @@ dh_auto_configure -- \ -DDEBIAN_NO_DEMOS=1 \ -DCMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT=yes \ - -DCMAKE_SHARED_LINKER_FLAGS="-Wl,--no-undefined -Wl,--as-needed" \ - -DCMAKE_MODULE_LINKER_FLAGS="-Wl,--no-undefined -Wl,--as-needed" \ - -DCMAKE_EXE_LINKER_FLAGS="-Wl,--no-undefined -Wl,--as-needed" + -DCMAKE_SHARED_LINKER_FLAGS="$(LDFLAGS) -Wl,--no-undefined -Wl,--as-needed" \ + -DCMAKE_MODULE_LINKER_FLAGS="$(LDFLAGS) -Wl,--no-undefined -Wl,--as-needed" \ + -DCMAKE_EXE_LINKER_FLAGS="$(LDFLAGS) -Wl,--no-undefined -Wl,--as-needed" override_dh_makeshlibs: dh_makeshlibs -X/usr/lib/$(DEB_HOST_MULTIARCH)/gtk-2.0 To check if all flags were correctly enabled you can use `hardening-check` from the hardening-includes package and check the build log (for example with blhc [4]) (hardening-check doesn't catch everything): $ hardening-check /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/liboxygen-gtk.so /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/liboxygen-gtk.so: Position Independent Executable: no, regular shared library (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: no not found! (Position Independent Executable and Immediate binding is not enabled by default.) Use find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} + on the build result to check all files. Regards, Simon [1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags [2]: https://wiki.debian.org/HardeningWalkthrough [3]: https://wiki.debian.org/Hardening [4]: http://ruderich.org/simon/blhc/ -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: gtk2-engines-oxygen Source-Version: 1.2.4-1 We believe that the bug you reported is fixed in the latest version of gtk2-engines-oxygen, which is due to be installed in the Debian FTP archive: gtk2-engines-oxygen_1.2.4-1.debian.tar.bz2 to main/g/gtk2-engines-oxygen/gtk2-engines-oxygen_1.2.4-1.debian.tar.bz2 gtk2-engines-oxygen_1.2.4-1.dsc to main/g/gtk2-engines-oxygen/gtk2-engines-oxygen_1.2.4-1.dsc gtk2-engines-oxygen_1.2.4-1_amd64.deb to main/g/gtk2-engines-oxygen/gtk2-engines-oxygen_1.2.4-1_amd64.deb gtk2-engines-oxygen_1.2.4.orig.tar.bz2 to main/g/gtk2-engines-oxygen/gtk2-engines-oxygen_1.2.4.orig.tar.bz2 A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 669...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Fathi Boudra <f...@debian.org> (supplier of updated gtk2-engines-oxygen package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 22 May 2012 10:08:56 +0300 Source: gtk2-engines-oxygen Binary: gtk2-engines-oxygen Architecture: source amd64 Version: 1.2.4-1 Distribution: unstable Urgency: low Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org> Changed-By: Fathi Boudra <f...@debian.org> Description: gtk2-engines-oxygen - Oxygen widget theme for GTK+-based applications Closes: 669182 670830 Changes: gtk2-engines-oxygen (1.2.4-1) unstable; urgency=low . * New upstream release. - Fix codeblocks crash. (Closes: #670830) . [ Kai Wasserbäch ] * debian/control: Change B-D from libdbus-glib-1-dev to libglib2.0-dev >= 2.26.0, preferred by upstream's build system. . [ Fathi Boudra ] * Update debian/rules: use DEB_LDFLAGS_MAINT_APPEND. (Closes: #669182) Checksums-Sha1: d98c6a59fe2e2ebcea6aeb57c2c64d45b5f22c0d 1688 gtk2-engines-oxygen_1.2.4-1.dsc 4128d599e77c254b8498772b2f92601f19f4f4c3 191260 gtk2-engines-oxygen_1.2.4.orig.tar.bz2 070b07e96e8612c69761ee769e0b0a2aa0c965cc 3946 gtk2-engines-oxygen_1.2.4-1.debian.tar.bz2 cde78b096c66ce2d9d0958bb797fecde44581d61 473150 gtk2-engines-oxygen_1.2.4-1_amd64.deb Checksums-Sha256: 43c2f4275a45a8be9cb06536f057579a74d83c563bd97378979adbaf5624826b 1688 gtk2-engines-oxygen_1.2.4-1.dsc ca779f9d7112a5879e5915e5486d5472e97693e3409c0cad4e1aedbabaee2af3 191260 gtk2-engines-oxygen_1.2.4.orig.tar.bz2 2c98ee799f4766a8802cb392034eb7709431f6f3a1ad0c1503371198b900d743 3946 gtk2-engines-oxygen_1.2.4-1.debian.tar.bz2 87d41f2c77138eabfd2dd84ae228098199f18025c0ae3d95bc667d0d438e297a 473150 gtk2-engines-oxygen_1.2.4-1_amd64.deb Files: c9095ea7d68c3d601a220235361321ba 1688 gnome optional gtk2-engines-oxygen_1.2.4-1.dsc 107c56ae519483fcb747b751680bbf37 191260 gnome optional gtk2-engines-oxygen_1.2.4.orig.tar.bz2 630c4f29178ddfa5b3f86e71d96e0f1e 3946 gnome optional gtk2-engines-oxygen_1.2.4-1.debian.tar.bz2 a1b0a995305236b0242416893a1f6b4d 473150 gnome optional gtk2-engines-oxygen_1.2.4-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iJwEAQECAAYFAk+7SAcACgkQjPU19mqlcvdSCwP/RRB0j2CGpTwuWlMb1N1D8HRm 5Q1G4qpvCaqAnmAwAnEcqB0DzYWBnKkUPu4BTnkf+ij46FhCVnHSd0LvTztwYfG2 jsL8uoAgxZZyTSGcvvKEVFvvImUJQwl4N/Kiy1cPUYpB1KargJlUItUB/SLgLjTO aqG5hvHGBJ5jXP2cVew= =vRtz -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras