[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted hardening-wrapper 1.28~bpo50+1 (source all amd64)

Hash: SHA256

Format: 1.8
Date: Mon, 28 Jun 2010 17:23:11 -0300
Source: hardening-wrapper
Binary: hardening-wrapper hardening-includes
Architecture: source all amd64
Version: 1.28~bpo50+1
Distribution: lenny-backports
Urgency: low
Maintainer: Package Hardening <hardening-discuss@lists.alioth.debian.org>
Changed-By: Ulises Vitulli <dererk@debian.org>
 hardening-includes - Makefile for enabling compiler flags for security hardening
 hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 462682 465827 472324 475764 506066 535037 548250 564596 564840 567707 568622 574716 578488 586215
 hardening-wrapper (1.28~bpo50+1) lenny-backports; urgency=low
   * Non-maintaner upload for backports.org
   * Backport for Lenny Archive.
 hardening-wrapper (1.28) unstable; urgency=low
   * hardening.make: enable PIE on hurd (Closes: 586215), thanks to
     Samuel Thibault.
 hardening-wrapper (1.27) unstable; urgency=low
   * hardening.make:
     - disable RELRO on avr32.
     - clarify use of CXXFLAGS.
   * hardening-check: fix regex to correctly call sed (Closes: 578488).
 hardening-wrapper (1.26) unstable; urgency=low
   * hardening.make: disable PIE on avr32 (Closes: 574716).
 hardening-wrapper (1.25) unstable; urgency=low
   * debian/control:
     - bump standards version: no changes needed.
     - should not be considered "experimental".
   * hardening-check: use readelf's "-s" instead of "-r" to avoid issues
     with archs that lack sane relocations.
   * tests/Makefile.common:
     - adjust tests to include -s output.
     - weaken nm symbol matching.
 hardening-wrapper (1.24) unstable; urgency=low
   * hardening-check: handle alternate names for relocation jump slots
     (Closes: 568622)
   * tests/Makefile.common: show relocations as well for future debugging.
 hardening-wrapper (1.23) unstable; urgency=low
   * hardening.make: correctly document how to disable PIE on a per-target
     basis (Closes: 567707).
   * tests/Makefile.{common,includes}: add HARDENING_DISABLE_* flags tests.
 hardening-wrapper (1.22) unstable; urgency=low
   * debian/hardening-wrapper.postrm: fix typo in diversion name
     (Closes: 564840).
 hardening-wrapper (1.21) unstable; urgency=low
   * debian/control: add ${misc:Depends} to control file entries to
     keep lintian happy.
   * hardening-check: add -q option to only report failures.
   * really handle gcc 4.5 diversion (Closes: 564596).
   * handle ld diversion when binutils-gold installed (Closes: 535037).
 hardening-wrapper (1.20) unstable; urgency=low
   * hardening.make:
     - switch to "filter" for easier to read logic.
     - allow PIE for arm/armel, since it's only the kernel that lacks ASLR.
   * tests/Makefile: perform test builds with -fstack-protector and -fPIE -pie
     on all architectures just to have a record of the success/failure
     in the build logs, even if we are manually selecting the defaults.
 hardening-wrapper (1.19) unstable; urgency=low
   * debian/rules: fix up arch/arch-indep rules to avoid rebuilding
     arch-indep bits repeatedly.
   * hardening-check, debian/{rules,hardening-includes.manpages},
     tests/Makefile.common: add helper utility to allow users of
     hardening-includes to evaluate the state of a given binary's
     resulting hardening features.
   * debian/rules: add gcc-4.5 to the diversion list.
 hardening-wrapper (1.18) unstable; urgency=low
   * debian/{control,rules}: add "hardening-includes" for use in other
     Debian rules files.
   * debian/rules, hardening.make: relocate/enhance architecture logic
     to common makefile include file.
   * tests/*: update to test both wrapper and include style.
 hardening-wrapper (1.17) unstable; urgency=low
   * Add Conflicts on binutils-gold, which also uses diversions against
     gcc and friends (Closes: 535037, LP: #442636).
 hardening-wrapper (1.16) unstable; urgency=low
   * tests/Makefile: exclude relro test on hppa.
 hardening-wrapper (1.15) unstable; urgency=low
   * tests/Makefile: exclude tests based on architecture (ia64 w/o relro).
   * debian/rules: disable PIE on mips/mipsel until bug 532821 is solved
     (Closes: #548250).
 hardening-wrapper (1.14) unstable; urgency=low
   * hardened-ld: add ...BINDNOW for -Wl,-z,now ELF markings.
   * debian/control: moved to standards version 3.8.2, no changes needed.
   * tests/Makefile: add tests for RELRO and BIND_NOW.
   * hardening-{cc,ld}.1: document BINDNOW and RELRO, add on to See Also.
 hardening-wrapper (1.13) unstable; urgency=low
   * hardened-cc: add ...DEBUG_SYMLINKS to visualize symlink resolution.
   * hardened-cc: detect uninstalled targets and abort (Closes: #506066).
   * debian/{rules,postinst,postrm}: add links for gcc-4.4.
   * debian/control: moved to standards version 3.8.0, no changes needed.
 hardening-wrapper (1.12) unstable; urgency=low
   * hardened-cc: add -nostdlib test missing from older gcc (gcc-4.0, gcc-4.1).
   * hardened-{cc,ld}: load system defaults from /etc/hardening-wrapper.conf
   * hardened-{cc,ld}.1: updated man pages to mention system-wide config.
   * hardened-{cc,ld}: handle relative symlinks correctly to address issues
     pointed out by Sedat Dilek.
 hardening-wrapper (1.11) unstable; urgency=low
   * hardened-ld: disable PIE logic -- gcc should be the only part of the
     toolchain requesting PIE.
   * tests/Makefile: use -B instead of GCC_EXEC_PREFIX, which does not
     do the right thing on all architectures.
 hardening-wrapper (1.10) unstable; urgency=low
   * hardened-cc, hardened-ld: re-arranged logic for "-pie".  Old logic
     was resulting in failed compiles under cmake.
   * tests/Makefile: moved debian/rules tests into separate directory,
     added -fPIC test cases, based on issues uncovered by cmake.
   * debian/rules: disabled stack protector on mips, hppa -- not supported.
 hardening-wrapper (1.9) unstable; urgency=low
   * debian/rules:
     - disable stack protector on arm, armel.
     - disable PIE on arm, armel (thanks to Riku Voipio, Closes: 475764).
     - show readelf output on test builds.
     - fully link by tricking gcc into running the ld test wrapper.
   * hello.c: re-arranged to exercise stack protector, report PIE.
   * hardened-ld: add env var way to force use of /usr/bin/ld during tests.
 hardening-wrapper (1.8) unstable; urgency=low
   * debian/rules: disable stack protector on ia64 and alpha.
 hardening-wrapper (1.7) unstable; urgency=low
   * debian/rules: corrected binary-arch target (Closes: 472324).
 hardening-wrapper (1.6) unstable; urgency=low
   * debian/rules: build hardened-c++ from hardened-cc.
   * debian/{rules,control}, hardened-cc: disable PIE by default on m68k,
     hppa (Closes: #465827).
   * hello.c: added test program to catch architecture-specific failures.
 hardening-wrapper (1.5) unstable; urgency=low
   * Fix typo in hardened-c++ self-check regex (Closes: #462682).
 hardening-wrapper (1.4) unstable; urgency=low
   * hardened-ld: fix relro argument passing (ld silently takes any -z arg).
 hardening-wrapper (1.3) unstable; urgency=low
   * hardened-{cc,c++}: fix -Wformat-security typo.
   * debian/postinst: only clean up old diversions on a versioned upgrade.
   * debian/postrm: do not require known arguments.
 hardening-wrapper (1.2) unstable; urgency=low
   * Move away from generic "builder" prefix to "hardened".
   * Provide links for gcc 4.1, 4.2, and 4.3 instead of top-level links.
   * Provide manpage link for package name.
   * Clean up previous diversions.
   * Move to "all" arch since arch-dep symlinks are no longer used.
 ee8fa9799a29e3923a37332344596e4bec82f898 1709 hardening-wrapper_1.28~bpo50+1.dsc
 218d0f2e749e81a920989407f728d884f15e5557 14931 hardening-wrapper_1.28~bpo50+1.tar.gz
 7cb8e0c62f7ca5830af05ddd19fc97bf0a0e8119 12410 hardening-includes_1.28~bpo50+1_all.deb
 55797c288c3c1beb5043c819e3a27c0c5d17b087 11928 hardening-wrapper_1.28~bpo50+1_amd64.deb
 904db1864f92ff687b5e467f2ba4085e62282dd56e2e41e0ad7c6bad62f052ac 1709 hardening-wrapper_1.28~bpo50+1.dsc
 22fc9a11896a6561e8821f449e79eabae99abf459033331d550bd5dde5d08453 14931 hardening-wrapper_1.28~bpo50+1.tar.gz
 4c69ac119547bc3ba58e00e4413d6ecadb9403ae298ba89a31446d2f6ec4d8cf 12410 hardening-includes_1.28~bpo50+1_all.deb
 2724933ccb62fa4764d1070c6618c734403f89b5166107b2f58ed11a81bdf9d3 11928 hardening-wrapper_1.28~bpo50+1_amd64.deb
 0bc4998b0e9b5bab2634eb83ceb3ff2c 1709 devel extra hardening-wrapper_1.28~bpo50+1.dsc
 39cc3760f912ac582686fcc16450376c 14931 devel extra hardening-wrapper_1.28~bpo50+1.tar.gz
 197479b3f9fbcb7e6710f7eafb914806 12410 devel extra hardening-includes_1.28~bpo50+1_all.deb
 e074ba7e89a0132a10990c12e5d735a8 11928 devel extra hardening-wrapper_1.28~bpo50+1_amd64.deb

Version: GnuPG v1.4.10 (GNU/Linux)


  to pool/main/h/hardening-wrapper/hardening-includes_1.28~bpo50+1_all.deb
  to pool/main/h/hardening-wrapper/hardening-wrapper_1.28~bpo50+1.dsc
  to pool/main/h/hardening-wrapper/hardening-wrapper_1.28~bpo50+1.tar.gz
  to pool/main/h/hardening-wrapper/hardening-wrapper_1.28~bpo50+1_amd64.deb

Reply to: