Your message dated Mon, 13 Jan 2020 06:34:22 +0000 with message-id <E1iqtIs-0001S0-4m@fasolo.debian.org> and subject line Bug#948759: fixed in apache2 2.4.41-2 has caused the Debian Bug report #948759, regarding apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 948759: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948759 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map
- From: Vagrant Cascadian <vagrant@reproducible-builds.org>
- Date: Sun, 12 Jan 2020 18:25:42 -0800
- Message-id: <[🔎] 875zhg9jo9.fsf@yucca>
Source: apache2 Version: 2.4.41-1 Severity: wishlist Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: buildpath environment X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org The CXXFLAGS variable was not getting cleaned in debian/clean_config_vars, which meant that while -fdebug-prefix-map was cleaned from CFLAGS, it was still present in CXXFLAGS. Additionally, support for -ffile-prefix-map was added to GCC and dpkg and is used in the tests.reproducible-builds.org infrastructure when testing unstable and experimental. The attached patch fixes both issues, and I believe should result in apache2 being reproducible again in Debian. Thanks for maintaining apache2! live well, vagrantFrom 6ef03f7cce3b45999a81485e9bfa178971115d60 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagrant@reproducible-builds.org> Date: Sun, 12 Jan 2020 18:04:01 -0800 Subject: [PATCH 2/2] Also clean CXXFLAGS and -ffile-prefix-map. --- debian/clean_config_vars | 6 ++++-- debian/rules | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/debian/clean_config_vars b/debian/clean_config_vars index f88ab3ca..90867080 100755 --- a/debian/clean_config_vars +++ b/debian/clean_config_vars @@ -6,6 +6,7 @@ my %FLAGS = { 'CFLAGS' => $ARGV[0], 'CPPFLAGS' => $ARGV[1], 'LDDFLAGS' => $ARGV[2], + 'CXXFLAGS' => $ARGV[3], }; @@ -22,7 +23,8 @@ sub clean_and_deduplicate $return_flags .= "$flag " unless $flag =~ m/PLATFORM/ || $flag =~ m/-DBUILD_DATETIME/ || - $flag =~ m/-fdebug-prefix-map/; + $flag =~ m/-fdebug-prefix-map/ || + $flag =~ m/-ffile-prefix-map/; } return $return_flags; } @@ -36,7 +38,7 @@ open(TMP_CONFIG_VARS, ">", "tmp_config_vars.mk") || die("tmp_config_vars.mk: $1" while(my $line = <CONFIG_VARS>) { chomp $line; - unless ($line =~ m/(^|_)(LD|CPP|C)FLAGS/) + unless ($line =~ m/(^|_)(LD|CPP|C|CXX)FLAGS/) { print TMP_CONFIG_VARS "$line\n"; } diff --git a/debian/rules b/debian/rules index 508dde96..954da288 100755 --- a/debian/rules +++ b/debian/rules @@ -74,7 +74,7 @@ clean-config-vars-stamp: debian/tmp/usr/share/apache2/build/config_vars.mk debia # Clean up config_vars.mk so that flags that are only intended for the # compilation of apache2 itself are not used by apxs for compiling # modules. - perl ./debian/clean_config_vars '$(AP2_CFLAGS)' '$(AP2_CPPFLAGS)' '$(AP2_LDFLAGS)' + perl ./debian/clean_config_vars '$(AP2_CFLAGS)' '$(AP2_CPPFLAGS)' '$(AP2_LDFLAGS)' '$(CXXFLAGS)' touch $@ %: %.in -- 2.20.1Attachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 948759-close@bugs.debian.org
- Subject: Bug#948759: fixed in apache2 2.4.41-2
- From: Xavier Guimard <yadd@debian.org>
- Date: Mon, 13 Jan 2020 06:34:22 +0000
- Message-id: <E1iqtIs-0001S0-4m@fasolo.debian.org>
Source: apache2 Source-Version: 2.4.41-2 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 948759@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Xavier Guimard <yadd@debian.org> (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 13 Jan 2020 06:14:45 +0100 Source: apache2 Architecture: source Version: 2.4.41-2 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Xavier Guimard <yadd@debian.org> Closes: 948757 948759 Changes: apache2 (2.4.41-2) unstable; urgency=medium . [ Stefan Fritsch ] * Add *.load file for mod_socache_redis . [ Vagrant Cascadian ] * Embeds path to EGREP in config_vars.mk (Closes: #948757) * Sanitize CXXFLAGS/-ffile-prefix-map in config_vars.mk (Closes: #948759) Checksums-Sha1: 544d9e7f01590d3ec95abe66194670f666303015 3493 apache2_2.4.41-2.dsc 6a05bd3add873f7d2cab0c892fa3ad729a52c6fd 1015900 apache2_2.4.41-2.debian.tar.xz Checksums-Sha256: 0ac873426ba8265afb9f5cc4dc86b7c7255a416b27eafefd15018986cef3570e 3493 apache2_2.4.41-2.dsc e58fb4685492ff940673696dfb6c59c6b64bc0a67080716f34617013d38576ed 1015900 apache2_2.4.41-2.debian.tar.xz Files: 45574908a8690bc0a56c878c0da350aa 3493 httpd optional apache2_2.4.41-2.dsc 12693d9a473e85e3b85c427f08153fca 1015900 httpd optional apache2_2.4.41-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAl4cDBsACgkQ9tdMp8mZ 7ulwOg/9HdKa4XuDgVV2L4qlyyihy8gjo4nVO9VLgn3ExiHh9mi14Mxmn9N/vLhg gBSIn+Rd7ZAWuOMJ5VK0KGt67Gu1/XXymI57nEy83aLO6EaeOKl3DitsbQRJ4wmA oo4WGpmbJc4XIsilPTDTAsdzun8G5oOUR7BlkDI9uNaou8qZ8xQr+TL3/lWpPFMS UrMnI0VDc04FsrWDzJdL5e9VO98mppJCmMbEZQ+AaVnKnt8UTSwmMOfAVwIYXctu aY/irdfRTls2eprscRkzAuF/eP1/RXEvdIz3qXFrmMhpoWL7QlTsip/9vnB4HvuN H47E4vd3XfqRLT9P5eUF46wj1JdmBgVPA1RZMlCMQTqyd8YVFWjg8yg1ii+9Y+Kg oKH5785xojYKgKCJVXhayBYJ1J46TBWZgeAm2noZaAbxVBmYXayQ94QoFqV1/5Yy WLt5tOoW+z9psO7VMFxWixrBzOtHvBL631VpY+PH32iA3WPWwZg2VRY2Rh+wFnZJ 2s1AsUiWWB30eq4fl+hW7W1NPlZlNi3wyTvsDfNr7dKqqRnD3hNIQnsAaU3b8pGU ImbjyTn9Xd8CgxoFEzafYDSla/l5DvFW+MK5/dV5cYA8OCZgNtS+7yoaAgvtAQmh +u944N8Z8m9EqguFq0m2VFMIvGq7vsOx6dL8UWe4ex37Lwlcc/o= =+DaI -----END PGP SIGNATURE-----
--- End Message ---