I found this upstream commit touching Distutils.cmake and included in release 17.1.0: https://github.com/ceph/ceph/commit/1f6cf5e4031358721624f4d2e79162b2b1bbf0a0
Comparing build logs of 15.2.17-0ubuntu0.20.04.6 in Focal: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+build/27668885 [ 95%] Generating ../../../lib/cython_modules/lib.3/cephfs.cpython-38-x86_64-linux-gnu.so cd /<<PKGBUILDDIR>>/src/pybind/cephfs && env CC="/usr/bin/cc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -fno-strict-aliasing -fsigned-char -Wtype-limits -Wignored-qualifiers -Wpointer-arith -Werror=format-security -Winit-self -Wno-unknown-pragmas -rdynamic -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -fdiagnostics-color=auto -iquote/<<PKGBUILDDIR>>/src/include -w -D'void0=dead_function(void)' -D'__Pyx_check_single_interpreter(ARG)=ARG ## 0'" CXX="/usr/bin/c++" LDSHARED="/usr/bin/cc -shared" OPT="-DNDEBUG -g -fwrapv -O2 -w" LDFLAGS=-L/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib CYTHON_BUILD_DIR=/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src/pybind/cephfs CEPH_LIBDIR=/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib /usr/bin/python3.8 /<<PKGBUILDDIR>>/src/pybind/cephfs/setup.py build --verbose --build-base /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib/cython_modules --build-platlib /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib/cython_modules/lib.3 ...and 17.1.0-0ubuntu3 in Jammy: https://launchpad.net/ubuntu/+source/ceph/17.1.0-0ubuntu3/+build/23490357 [ 84%] Generating ../../../lib/cython_modules/lib.3/cephfs.cpython-310-x86_64-linux-gnu.so cd /<<PKGBUILDDIR>>/src/pybind/cephfs && env CC="/usr/bin/cc" CFLAGS="" CPPFLAGS="-iquote/<<PKGBUILDDIR>>/src/include -w -D'void0=dead_function(void)' -D'__Pyx_check_single_interpreter(ARG)=ARG ## 0'" CXX="/usr/bin/c++" LDSHARED="/usr/bin/cc -shared" OPT="-DNDEBUG -g -fwrapv -O2 -w" LDFLAGS=-L/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib CYTHON_BUILD_DIR=/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src/pybind/cephfs CEPH_LIBDIR=/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib /usr/bin/python3.10 /<<PKGBUILDDIR>>/src/pybind/cephfs/setup.py build --build-base /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib/cython_modules --build-platlib /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/lib/cython_modules/lib.3 We can see the build in Focal includes the hardening flags, and the build in Jammy does not. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2078244 Title: ceph: Does not respect compiler flags for Python extensions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/2078244/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
