Bug#892664: dpkg: Please add support for zstd (Zstandard) compressed packages

Hi Tomas, Tomas Pospisek ezt írta (időpont: 2021. nov. 28., V, 16:25): > > Rustam wrote on 12 Oct 2021: > > > Hi Guillem, > > Any news on the proposed patch? > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892664#49 > > Can it be merged already? ;) > > Ubuntu packages are already using

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi, For the record I'm not working on this anymore. Feel free to either close the bug or pick the work up from here. IMO there is not much to worry about enabling bindnow since Ubuntu enabled it in 16.10. Cheers, Balint [1] https://wiki.ubuntu.com/ToolChain%20/CompilerFlags/#A-Wl.2C-z.2Cnow

Bug#812782: dpkg: Please add hardened1-linux-amd64 port

Control: notfound -1 1.18.4 Development on this port is stalled thus I close this bug for the time there is no progress to help managing the dpkg bug count. I'll reopen the bug when the hardened port makes some progress again. Thanks. Balint

Bug#848129: pie-link specs should not be passed when pie is not enabled

2016-12-15 23:26 GMT+01:00 Matthias Klose : > On 15.12.2016 13:27, Guillem Jover wrote: >> Hi! >> >> On Wed, 2016-12-14 at 12:54:41 +0100, Matthias Klose wrote: >>> Package: dpkg-dev >>> Version: 1.18.15 >>> Severity: important >>> Tags: sid stretch >>> >>> This is seen on all

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi Matthias, 2016-12-14 15:09 GMT+01:00 Matthias Klose <d...@debian.org>: > On 14.12.2016 13:58, Bálint Réczey wrote: >> Hi All, >> >> 2016-11-06 13:20 GMT+01:00 Bálint Réczey <bal...@balintreczey.hu>: >>> Hi Guillem, >>> >>> 2016

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi All, 2016-11-06 13:20 GMT+01:00 Bálint Réczey <bal...@balintreczey.hu>: > Hi Guillem, > > 2016-10-27 23:49 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: >> Hi, >> >> 2016-10-26 13:46 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: >>&g

Bug#845193: dpkg: recent -specs PIE changes break openssl

Hi Guillem, 2016-11-24 17:00 GMT+01:00 John Paul Adrian Glaubitz : > On 11/24/2016 04:35 PM, Guillem Jover wrote: >> Hi! >> >> On Thu, 2016-11-24 at 14:52:33 +, Thorsten Glaser wrote: >>> clone 845193 -1 >>> reassign -1 dpkg >>> retitle -1 dpkg: please do not add

Bug#812783: dpkg: Please use ASAN, UBSAN and bindnow on hardened1-linux-amd64

Hi, 2016-11-04 4:42 GMT+01:00 Guillem Jover : > Hi! > > On Mon, 2016-05-23 at 11:45:46 +0100, Steven Chamberlain wrote: >> This may be a silly / obvious question to ask, but: >> do any of the proposed hardening options _really_ change the ABI? > > I don't think it's silly at

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi Guillem, 2016-10-27 23:49 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: > Hi, > > 2016-10-26 13:46 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: >> Hi, >> >> 2016-10-26 5:00 GMT+02:00 Guillem Jover <guil...@debian.org>: >>> Hi

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi, 2016-10-26 13:46 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: > Hi, > > 2016-10-26 5:00 GMT+02:00 Guillem Jover <guil...@debian.org>: >> Hi! >> >> On Thu, 2016-10-20 at 03:20:59 +0200, Bálint Réczey wrote: >>> For the record gcc-6/6.2.0-7

Bug#835149: dpkg: please adapt setting the default pie hardening flag to gcc's new defaults

2016-10-26 17:21 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: > Hi, > > 2016-10-26 5:41 GMT+02:00 Guillem Jover <guil...@debian.org>: >> Hi! >> >> On Wed, 2016-10-26 at 05:08:52 +0200, Guillem Jover wrote: >>> On Wed, 2016-09-07 at 00:48:17 +

Bug#835149: dpkg: please adapt setting the default pie hardening flag to gcc's new defaults

Hi, 2016-10-26 5:41 GMT+02:00 Guillem Jover <guil...@debian.org>: > Hi! > > On Wed, 2016-10-26 at 05:08:52 +0200, Guillem Jover wrote: >> On Wed, 2016-09-07 at 00:48:17 +0200, Bálint Réczey wrote: >> > 2016-09-04 3:03 GMT+02:00 Balint Reczey <bal...@balintrecz

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi, 2016-10-26 5:00 GMT+02:00 Guillem Jover <guil...@debian.org>: > Hi! > > On Thu, 2016-10-20 at 03:20:59 +0200, Bálint Réczey wrote: >> For the record gcc-6/6.2.0-7 enabled bindnow for the architectures >> where PIE is enabled by default. I think enabling bindnow f

Bug#835146: dpkg: please enable bindow hardening flag by default

Hi Guillem, For the record gcc-6/6.2.0-7 enabled bindnow for the architectures where PIE is enabled by default. I think enabling bindnow from dpkg would be better through the hardening flags because packages could disable it in a nicer and already established way. Cheers, Balint 2016-10-10

Bug#835149: dpkg: please adapt setting the default pie hardening flag to gcc's new defaults

Hi Guillem, gcc-6/6.2.0-7 has just been uploaded with the changed defaults. The list of architectures is a bit different than the one in the attaches patch. The updated list is: amd64 arm64 armel armhf i386 mips mipsel mips64el ppc64el s390x Cheers, Balint 2016-09-07 0:48 GMT+02:00 Bálint

Bug#835149: dpkg: please adapt setting the default pie hardening flag to gcc's new defaults

Hi Guillem, I'm rebuilding all packages failed with the original patch and a good share does compile with the following additional patches. I would have preferred only the original patch, but apparently this is our best chance for enabling PIE for the archive. I'll start filing bugs for for the

Bug#812783: dpkg: Please use ASAN, UBSAN and bindnow on hardened1-linux-amd64

Hi Guillem, 2016-03-09 12:09 GMT+01:00 Guillem Jover <guil...@debian.org>: > Hi! > > On Tue, 2016-03-08 at 11:29:04 +0100, Bálint Réczey wrote: >> 2016-03-08 1:52 GMT+01:00 Guillem Jover <guil...@debian.org>: >> > Actually setting bindnow and PIE would be fi

Bug#812783: dpkg: Please use ASAN, UBSAN and bindnow on hardened1-linux-amd64

Hi Guillem, 2016-03-08 1:52 GMT+01:00 Guillem Jover <guil...@debian.org>: > Control: block -1 by 812782 > > On Fri, 2016-01-29 at 12:55:42 +0100, Bálint Réczey wrote: >> 2016-01-29 0:46 GMT+01:00 Guillem Jover <guil...@debian.org>: >> > On Tue, 2016-01-26 at

Bug#812782: dpkg: Please add

Hi Guillem, 2016-01-29 0:42 GMT+01:00 Guillem Jover : > Hi! > > On Tue, 2016-01-26 at 15:23:43 +0100, Balint Reczey wrote: >> Package: dpkg >> Version: 1.18.4 >> Severity: wishlist >> Tags: patch >> User: bal...@balintreczey.hu >> Usertags: hardened1-linux-amd64 > >>

Bug#760741: dpkg: Please add new port hardened-amd64 enabling ASAN and UBSAN by default

Hi Gulliem, 2014-09-07 17:26 GMT+02:00 Guillem Jover guil...@debian.org: Hi! On Sun, 2014-09-07 at 15:01:35 +0200, Balint Reczey wrote: Package: dpkg Version: 1.17.13 Severity: wishlist Tags: patch I'm working on a new port, hardened-amd64 [1]. This does not what dpkg ports are meant

Bug#760690: dpkg: Memory handling error detected during build

Package: dpkg Version: 1.17.14 Severity: normal Tags: patch Hi, Running tests from Valgrind revealed an off-by-one error in Dpkg. The first attached patch fixes it and the second just simplifies a function I looked at while making the first fix. Please consider accepting the first patch