Bug#870383: marked as done (libdpkg-perl: PIE specs files override previous entries)
Your message dated Mon, 6 Jun 2022 12:55:13 +0200 with message-id and subject line Re: Bug#879014: gpgme1.0: FTBFS on some arches: Qt needs a compile with -fPIC (PIE is not enough), hardening downgrades to PIE has caused the Debian Bug report #870383, regarding libdpkg-perl: PIE specs files override previous entries to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 870383: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870383 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: gpgme1.0 Version: 1.8.0-3 Severity: important Hi, gpgme1.0 FTBFS on hurd-i386: https://buildd.debian.org/status/fetch.php?pkg=gpgme1.0=hurd-i386=1.8.0-3=1486062988=0 configure:19582: checking whether a simple qt program can be built configure:19593: g++ -o conftest -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -I/usr/include/i386-gnu/qt5/QtCore -I/usr/include/i386-gnu/qt5 -fpic -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now conftest.cpp -lQt5Core >&5 In file included from /usr/include/i386-gnu/qt5/QtCore/qcoreapplication.h:43:0, from /usr/include/i386-gnu/qt5/QtCore/QCoreApplication:1, from conftest.cpp:32: /usr/include/i386-gnu/qt5/QtCore/qglobal.h:1113:4: error: #error "You must build your code with position independent code if Qt was built with -reduce-relocations. " "Compile your code with -fPIC (-fPIE is not enough)." # error "You must build your code with position independent code if Qt was built with -reduce-relocations. "\ Andreas --- End Message --- --- Begin Message --- On Thu, 27 Jan 2022 11:05:23 +0100 Gianfranco Costamagna wrote: Hello, On Tue, 7 Jul 2020 16:02:35 +0200 Guillem Jover wrote: > Control: reopen -1 > Control: tag -1 - patch > > On Tue, 2020-07-07 at 07:06:34 +0200, Guillem Jover wrote: > > On Wed, 2020-07-01 at 17:20:40 -0400, Daniel Kahn Gillmor wrote: > > > Further conversation about problems compiling and linking against Qt and > > > GPGME in debian suggest that the problem might be related to dpkg's > > > default spec files, and confused by Qt's compiler warnings. > > > > > > I'm attaching a patch to dpkg which (i think) reflects the fix proposed > > > by Guillem Jover (in cc): > > > > Yes this is what I had locally, thanks for testing! I'm including a > > fix in the next upload. > > > > --- a/data/no-pie-compile.specs > > > +++ b/data/no-pie-compile.specs > > > @@ -1,2 +1,2 @@ > > > -*self_spec: > > > ++self_spec: > > > + %{!r:%{!fpie:%{!fPIE:%{!fpic:%{!fPIC:%{!fno-pic:-fno-PIE}} > > Ok, so Thorsten Glaser very helpfully pointed out that this is actually > bogus, as the + is supposed to go with the text not the spec name (which > was already there!). In this case I assume it gets interpreted as a > «[SUFFIX]:» entry, and then this get completely ignored (w/o an error > diagnostic), disabling all the specs files (confirmed by Thorsten on > x32), that's why the specific problem with gpgme+Qt stopped failing in > Daniel's tests. > > I'll revert this in a quick .5 upload later today, and then try to > track down what's going on, and add some unit tests for the specs files, > so that this gets tested on architectures where it truly affects them. > After two years, gpgme1.0 now builds fine, so maybe its time to close this bug? G. Closing then G. > Thanks, > Guillem > > --- End Message ---
Bug#870383: marked as done (libdpkg-perl: PIE specs files override previous entries)
Your message dated Tue, 07 Jul 2020 06:33:49 + with message-id and subject line Bug#870383: fixed in dpkg 1.20.4 has caused the Debian Bug report #870383, regarding libdpkg-perl: PIE specs files override previous entries to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 870383: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870383 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: gpgme1.0 Version: 1.8.0-3 Severity: important Hi, gpgme1.0 FTBFS on hurd-i386: https://buildd.debian.org/status/fetch.php?pkg=gpgme1.0=hurd-i386=1.8.0-3=1486062988=0 configure:19582: checking whether a simple qt program can be built configure:19593: g++ -o conftest -g -O2 -fdebug-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -I/usr/include/i386-gnu/qt5/QtCore -I/usr/include/i386-gnu/qt5 -fpic -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now conftest.cpp -lQt5Core >&5 In file included from /usr/include/i386-gnu/qt5/QtCore/qcoreapplication.h:43:0, from /usr/include/i386-gnu/qt5/QtCore/QCoreApplication:1, from conftest.cpp:32: /usr/include/i386-gnu/qt5/QtCore/qglobal.h:1113:4: error: #error "You must build your code with position independent code if Qt was built with -reduce-relocations. " "Compile your code with -fPIC (-fPIE is not enough)." # error "You must build your code with position independent code if Qt was built with -reduce-relocations. "\ Andreas --- End Message --- --- Begin Message --- Source: dpkg Source-Version: 1.20.4 Done: Guillem Jover We believe that the bug you reported is fixed in the latest version of dpkg, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 870...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Guillem Jover (supplier of updated dpkg package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 07 Jul 2020 07:57:48 +0200 Source: dpkg Architecture: source Version: 1.20.4 Distribution: unstable Urgency: medium Maintainer: Dpkg Developers Changed-By: Guillem Jover Closes: 870383 964017 964111 964234 Changes: dpkg (1.20.4) unstable; urgency=medium . [ Guillem Jover ] * Improve PIE flags support: - Prefix the specs file spec string self_spec with + instead of *. This way we do not override any previous setting, otherwise when passing the -specs options twice (f.ex. to compile and link), only the last one will take effect, which can break the build. Closes: #870383 * Perl modules: - Dpkg::Source::Package: Explicitly initialize constructor options to their implicit values, otherwise other code end up assuming different defaults. Closes: #964017 - Dpkg::OpenPGP: Use a temporary directory for the GnuPG homedir in verify_signature(), to make sure we do not write to the user home directory, except for the trustkeys.db file if present. - Dpkg::Path: Refactor new check_directory_traversal() function out of Dpkg::Source::Package->extract(). - Dpkg::Path: Do not do partial matches for directory traversal checks, expect a trailing slash after the base directory name. - Dpkg::Path: Catch uncanonicanizable pathnames with a proper error. Closes: #964111 - Dpkg::Path: Do not consider missing symlink targets a directory traversal attempt. Closes: #964234 - Dpkg::Path: Allow /dev/null for directory traversals. Reported by Holger Levsen . * Build system: - Add Module::Signature as configure recommends for CPAN. * Test suite: - Use File::Path::make_path() instead of chained mkdir() in Dpkg_Path.t. - Add unit tests for Dpkg::Path::check_directory_traversal(). . [ Updated programs translations ] * German (Sven Joachim). Checksums-Sha1: 12983dabc712157582b2bcff0c1b0e6f1de9e65c 2109 dpkg_1.20.4.dsc 41a445efe3c51e07b38948defd51e601683a5448 4715020 dpkg_1.20.4.tar.xz 413c302f34195f09a53ef23943c9ebda3f811802 7501 dpkg_1.20.4_amd64.buildinfo Checksums-Sha256: