subject:"Bug#859424\: marked as done \(mapnik shouldn't disable PIE\)"

Bug#859424: marked as done (mapnik shouldn't disable PIE)

2017-04-03 Thread Debian Bug Tracking System

Your message dated Mon, 03 Apr 2017 15:35:30 +
with message-id 
and subject line Bug#859424: fixed in mapnik 3.0.13+ds-1~exp2
has caused the Debian Bug report #859424,
regarding mapnik shouldn't disable PIE
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
859424: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859424
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mapnik
Version: 3.0.12+ds-2
Severity: important
Tags: patch

With gcc in stretch defaulting to PIE, hardening=+all,-pie changed
semantics from "enable hardening but not PIE" to "enable all hardening
and explicitely disable the default PIE".
The latter is usually not intended.

For packages like mapnik that include static libraries the situation
is even worse, since non-PIE static libraries cannot be used with
the stretch gcc unless -no-pie is explicitly passed when linking.

The -pie in hardening flags was in some cases required in pre-stretch
releases to avoid build failures caused by (incorrectly) passing -fPIE
to the compiler when building shared libraries or plugins.
This problem does no longer exist.

I verified that python-mapnik still builds after this change.

Please apply the following patch:

--- debian/rules.old2017-04-03 11:04:40.0 +
+++ debian/rules2017-04-03 11:04:53.0 +
@@ -4,9 +4,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-# Enable hardening build flags, except:
-#  pie: causes python-mapnik build failure
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
+# Enable hardening build flags:
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all
 
 NJOBS := -j1
 ifneq (,$(filter parallel=%,$(subst $(COMMA), ,$(DEB_BUILD_OPTIONS
--- End Message ---
--- Begin Message ---
Source: mapnik
Source-Version: 3.0.13+ds-1~exp2

We believe that the bug you reported is fixed in the latest version of
mapnik, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg  (supplier of updated mapnik package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 03 Apr 2017 15:36:12 +0200
Source: mapnik
Binary: libmapnik3.0 libmapnik-dev mapnik-utils mapnik-doc
Architecture: source amd64 all
Version: 3.0.13+ds-1~exp2
Distribution: experimental
Urgency: medium
Maintainer: Debian GIS Project 
Changed-By: Bas Couwenberg 
Description:
 libmapnik-dev - C++ toolkit for developing GIS applications (devel)
 libmapnik3.0 - C++ toolkit for developing GIS applications (libraries)
 mapnik-doc - C++ toolkit for developing GIS applications (doc)
 mapnik-utils - C++ toolkit for developing GIS applications (utilities)
Closes: 859424
Changes:
 mapnik (3.0.13+ds-1~exp2) experimental; urgency=medium
 .
   * Merge changes from mapnik (3.0.12+ds-3).
 (closes: #859424)
   * Drop unused lintian overrides for hardening-no-pie.
Checksums-Sha1:
 2d5c6f22a996fdb7c6171ccb44660a7ea367817e 3022 mapnik_3.0.13+ds-1~exp2.dsc
 7ac6103bbfcebfe9bec7cc55ac235e2eeb7285c7 16612 
mapnik_3.0.13+ds-1~exp2.debian.tar.xz
 80c5802ded8cbb1f9b97dbae89af2ac75962bf95 668034 
libmapnik-dev_3.0.13+ds-1~exp2_amd64.deb
 4630c6d7ab7ac1bbd7b3cb4dd88097680a1b0cc2 2165282 
libmapnik3.0_3.0.13+ds-1~exp2_amd64.deb
 dff5b167a0d9c51723b0bf32a6475b3397c121b9 2137372 
mapnik-doc_3.0.13+ds-1~exp2_all.deb
 9f004745a320d06a6fc74449f7606be40bc0d958 223636 
mapnik-utils_3.0.13+ds-1~exp2_amd64.deb
 a78fc1e6631d0e9922ed8ec3f3202aeb85dfab9a 13372 
mapnik_3.0.13+ds-1~exp2_amd64.buildinfo
Checksums-Sha256:
 12bda52cb3dd7bca62633bc3f5fffcf64e6ef59032cd38f6d283a89b5bad43a3 3022 
mapnik_3.0.13+ds-1~exp2.dsc
 771e642d71c3c99f8b255e6c6d40f63c5f6cb0b7047d2a2e6f6357d55f112109 16612 
mapnik_3.0.13+ds-1~exp2.debian.tar.xz
 7f283918a37088e118f0f9be1fd1fec653e1ea68361f5460715e297f1af21826 668034 
libmapnik-dev_3.0.13+ds-1~exp2_amd64.deb
 7df5d28ca7f5a16c5b996ccf9f44f6ba9a82568ead82a511fbc19089647c6300 2165282 
libmapnik3.0_3.0.13+ds-1~exp2_amd64.deb

Bug#859424: marked as done (mapnik shouldn't disable PIE)

2017-04-03 Thread Debian Bug Tracking System

Your message dated Mon, 03 Apr 2017 13:50:26 +
with message-id 
and subject line Bug#859424: fixed in mapnik 3.0.12+ds-3
has caused the Debian Bug report #859424,
regarding mapnik shouldn't disable PIE
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
859424: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859424
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mapnik
Version: 3.0.12+ds-2
Severity: important
Tags: patch

With gcc in stretch defaulting to PIE, hardening=+all,-pie changed
semantics from "enable hardening but not PIE" to "enable all hardening
and explicitely disable the default PIE".
The latter is usually not intended.

For packages like mapnik that include static libraries the situation
is even worse, since non-PIE static libraries cannot be used with
the stretch gcc unless -no-pie is explicitly passed when linking.

The -pie in hardening flags was in some cases required in pre-stretch
releases to avoid build failures caused by (incorrectly) passing -fPIE
to the compiler when building shared libraries or plugins.
This problem does no longer exist.

I verified that python-mapnik still builds after this change.

Please apply the following patch:

--- debian/rules.old2017-04-03 11:04:40.0 +
+++ debian/rules2017-04-03 11:04:53.0 +
@@ -4,9 +4,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-# Enable hardening build flags, except:
-#  pie: causes python-mapnik build failure
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
+# Enable hardening build flags:
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all
 
 NJOBS := -j1
 ifneq (,$(filter parallel=%,$(subst $(COMMA), ,$(DEB_BUILD_OPTIONS
--- End Message ---
--- Begin Message ---
Source: mapnik
Source-Version: 3.0.12+ds-3

We believe that the bug you reported is fixed in the latest version of
mapnik, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg  (supplier of updated mapnik package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 03 Apr 2017 14:47:38 +0200
Source: mapnik
Binary: libmapnik3.0 libmapnik-dev mapnik-utils mapnik-doc
Architecture: source amd64 all
Version: 3.0.12+ds-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GIS Project 
Changed-By: Bas Couwenberg 
Description:
 libmapnik-dev - C++ toolkit for developing GIS applications (devel)
 libmapnik3.0 - C++ toolkit for developing GIS applications (libraries)
 mapnik-doc - C++ toolkit for developing GIS applications (doc)
 mapnik-utils - C++ toolkit for developing GIS applications (utilities)
Closes: 859424
Changes:
 mapnik (3.0.12+ds-3) unstable; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Enable PIE hardening buildflags.
 (closes: #859424)
Checksums-Sha1:
 5ed5044fe26ca1dbaf582e2566c5c999f3e63066 3013 mapnik_3.0.12+ds-3.dsc
 193187df79c28a70e94ce9d47ec3a040e1309c46 17404 mapnik_3.0.12+ds-3.debian.tar.xz
 e8a650aea8245760c5c76dd15f421327f697b589 674258 
libmapnik-dev_3.0.12+ds-3_amd64.deb
 910dcbe8cdec58f9b1f7e8b7b2704364076ec9c1 2169062 
libmapnik3.0_3.0.12+ds-3_amd64.deb
 1b6250660cdbe0ee10716288b1506a8392684738 2136812 mapnik-doc_3.0.12+ds-3_all.deb
 896761a1b4696994f91d6016799f9c9759c75a3a 228404 
mapnik-utils_3.0.12+ds-3_amd64.deb
 032e34c321c46ca4578f362a121890914d7b20b4 13292 
mapnik_3.0.12+ds-3_amd64.buildinfo
Checksums-Sha256:
 9cc1865ba12bda09be20f93d7ba0b9748b339ede82bc7b30176ba512377b4034 3013 
mapnik_3.0.12+ds-3.dsc
 833dd61dd346f2cf16bd99da812c1bd2e28329f3b9a3a6e0b42a012507629f6c 17404 
mapnik_3.0.12+ds-3.debian.tar.xz
 0ac5ebc480daba557976057ecacf7ac2fd751286596a37af87ac5224a1beb8e4 674258 
libmapnik-dev_3.0.12+ds-3_amd64.deb
 4382d221b985516d1446a456deea58a9fdcce70fa52e16323513b4a89f336ffa 2169062 
libmapnik3.0_3.0.12+ds-3_amd64.deb
 ca1e0b8e8c0a17b65c9552c44355321f97d45f4cfe35bf673ae0f602dca57337 2136812 
mapnik-doc_3.0.12+ds-3_all.deb

Bug#859424: marked as done (mapnik shouldn't disable PIE)

Bug#859424: marked as done (mapnik shouldn't disable PIE)

2 matches

Site Navigation

Mail list logo

Footer information