Hello Chris, or anyone else affected, Accepted hardening-wrapper into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/hardening- wrapper/2.5ubuntu2.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Description changed: - Proposing to backport this unchanged to trusty. The patch is attached - below in a comment. Verified that the additional parameters are not - added. + SRU Justification: + [Impact] + Some builds may fail because of the way hardening-wrapper adds flags to compilers. + [Test Case] + Try to compile firefox with hardening-wrapper installed. + [Regression Potential] + This changes the perl script to check if these options already exists so it doesn't read add them. + + -- + + + Proposing to backport this unchanged to trusty. The patch is attached below in a comment. Verified that the additional parameters are not added. Firefox currently fails to build in utopic with the following error: c++ -o hexdump.o -c -I../../dist/stl_wrappers -I../../dist/system_wrappers -include /build/buildd/firefox-32.0~b1+build1/config/gcc_hidden.h -DANDROID_SMP=0 -DLOG_NDEBUG=0 -D_GLIBCXX_OS_DEFINES -DHAVE_SYS_UIO_H -DFAKE_LOG_DEVICE -DMOZ_GLUE_IN_PROGRAM -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -DNO_NSPR_10_SUPPORT -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright -I. -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/binding/include -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/frameworks/av/include -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/frameworks/av/include/media/stagefright/foundation -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/frameworks/av/media/libstagefright/ -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/stubs/empty -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/stubs/include -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/stubs/include/media/stag efright/foundation -I/build/buildd/firefox-32.0~b1+build1/media/libstagefright/system/core/include -I../../dist/include -I/build/buildd/firefox-32.0~b1+build1/obj-x86_64-linux-gnu/dist/include/nspr -I/build/buildd/firefox-32.0~b1+build1/obj-x86_64-linux-gnu/dist/include/nss -I/build/buildd/firefox-32.0~b1+build1/obj-x86_64-linux-gnu/dist/include -I/build/buildd/firefox-32.0~b1+build1/modules/zlib/src -fPIC -DMOZILLA_CLIENT -include ../../mozilla-config.h -MD -MP -MF .deps/hexdump.o.pp -Wall -Wpointer-arith -Woverloaded-virtual -Werror=return-type -Werror=int-to-pointer-cast -Wtype-limits -Wempty-body -Wsign-compare -Wno-invalid-offsetof -Wcast-align -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -std=gnu++0x -pthread -pipe -DNDEBUG -DTRIMMED -g -Os -freorder-blocks -fomit-frame-pointer -Wno-format -Wno-multichar -Wno-sign-compare -Wno-unused /build/buildd/firefox-32.0~b1+build1/media/libstagefright/fram eworks/av/media/libstagefright/foundation/hexdump.cpp cc1plus: error: -Wformat-security ignored without -Wformat [-Werror=format-security] cc1plus: some warnings being treated as errors /build/buildd/firefox-32.0~b1+build1/config/rules.mk:1001: recipe for target 'hexdump.o' failed make[6]: *** [hexdump.o] Error 1 https://launchpadlibrarian.net/180524763/buildlog_ubuntu-utopic- amd64.firefox_32.0~b1%2Bbuild1-0ubuntu1_FAILEDTOBUILD.txt.gz Firefox is built with hardening-wrapper (including the format string hardening), but it specifies -Wno-format just for the code in this subdirectory - presumably because this is a third-party module ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1347257 Title: Shouldn't add -Wformat-security and -Werror=format-security arguments if -Wno-format or -Wno-format-security is specified by the caller To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/hardening-wrapper/+bug/1347257/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
