
Re: Passing LDFLAGS to Apache modules for hardened build flags



On 14.04.2012 16:42, Moritz Mühlenhoff wrote:
> I can rebuild the Apache modules in the archive with test builds if that
> helps.

I committed a fix to apxs in our VCS yesterday [1]. This will allow you
to override LDFLAGS just like it is possible for CFLAGS. Moreover, this
change automatically injects hardening flags through apxs if the Apache2
server was built itself with it.

Consider this behavior highly experimental and not widely tested. It is
probably included in our next upload to experimental and/or unstable
unless I find problems with it.

This only affects modules built against Apache 2.4 in experimental which
we plan to release with Wheezy. This means there aren't too many where
you could see this behavior already [2].

Let me know if that helps you, as that will mean all Apache modules in
Wheezy (i.e. _after_ the transition) will be built by default with
hardening flags unless the maintainer opted out by overriding
CFLAGS/CPPFLAGS/LDFLAGS through apxs explicitly.

[1]
http://anonscm.debian.org/gitweb/?p=pkg-apache/apache2.git;a=shortlog;h=refs/heads/next
n.b.: Apache 2.4 is in the next branch
[2]
http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=apache24transition;users=debian-apache@lists.debian.org

-- 
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D
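
A way to check whether a built module actually picked up hardening flags, as an added example that is not part of the original message or of the Debian apache2 packaging. It assumes the flags in question are the common `-fstack-protector`, `-D_FORTIFY_SOURCE=2` and `-Wl,-z,relro` set; the function names and the sample `readelf` excerpts are constructed for illustration.

```shell
#!/bin/sh
# Heuristic hardening check over `readelf` text for an Apache module (.so).
# A module with no stack buffers or no fortifiable libc calls can report "no"
# even when it was built with the flags, so treat "no" as "inspect the build log".

# RELRO level from program headers and dynamic section: none, partial or full.
relro_status() {
    if ! printf '%s\n' "$1" | grep -q 'GNU_RELRO'; then
        echo none
    elif printf '%s\n' "$1" | grep -Eq 'BIND_NOW|\(FLAGS_1\).*NOW'; then
        echo full
    else
        echo partial
    fi
}

# -fstack-protector leaves an undefined reference to __stack_chk_fail.
stack_protector() {
    if printf '%s\n' "$1" | grep -q '__stack_chk_fail'; then echo yes; else echo no; fi
}

# -D_FORTIFY_SOURCE rewrites calls such as memcpy into __memcpy_chk.
fortify() {
    if printf '%s\n' "$1" | grep -Eq '__[a-z]+_chk(@|[[:space:]]|$)'; then echo yes; else echo no; fi
}

summarize() {
    echo "relro=$(relro_status "$1") stack_protector=$(stack_protector "$1") fortify=$(fortify "$1")"
}

# Constructed samples in the format of `readelf -W -l -d --dyn-syms`.
SAMPLE_HARDENED='  GNU_RELRO      0x002de8 0x0000000000202de8 0x0000000000202de8 0x000218 0x000218 R   0x1
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (2)
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __memcpy_chk@GLIBC_2.3.4 (3)'
SAMPLE_PLAIN=' 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND memcpy@GLIBC_2.2.5 (2)'

# With a module path as argument, inspect that file; otherwise show the samples.
if [ "$#" -gt 0 ]; then
    summarize "$(readelf -W -l -d --dyn-syms "$1")"
else
    summarize "$SAMPLE_HARDENED"
    summarize "$SAMPLE_PLAIN"
fi
```

Run it with the path to a built module (for example a hypothetical `mod_example.so`) to compare a build made through the patched apxs against one where the maintainer overrode the flags.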
