hardening-wrapper_2.1~bpo60+1_amd64.changes is NEW

To: debian-backports-changes@lists.debian.org
Subject: hardening-wrapper_2.1~bpo60+1_amd64.changes is NEW
From: Backports Debian FTP Masters <ftpmaster@backports.debian.org>
Date: Sat, 14 Apr 2012 12:47:05 +0000
Message-id: <[🔎] E1SJ2Nd-0004Xv-2r@morricone.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

(new) hardening-includes_2.1~bpo60+1_all.deb optional devel
Makefile for enabling compiler flags for security hardening
 Makefile to be included in Debian rules files. CFLAGS and LDFLAGS
 can be extended to include the respective HARDENING_* variables which
 contain architecture-validated security hardening compiler options.
 .
 Also includes the "hardening-check" script to help evaluate the hardening
 status of already compiled binaries.
(new) hardening-wrapper_2.1~bpo60+1.dsc optional devel
(new) hardening-wrapper_2.1~bpo60+1.tar.gz optional devel
(new) hardening-wrapper_2.1~bpo60+1_amd64.deb optional devel
Compiler wrapper to enable security hardening flags
 Replaces gcc, g++, and ld with wrapper scripts that set security hardening
 compilation flags, as an alternative to changing gcc specs. Enabled when
 DEB_BUILD_HARDENING=1 is set.


Changes:
hardening-wrapper (2.1~bpo60+1) squeeze-backports; urgency=low
 .
  * Rebuild for squeeze-backports.
 .
hardening-wrapper (2.1) unstable; urgency=low
 .
  * hardening-check:
    - handle _local suffix for non-ELF i386 objects (Closes: 666895).
    - add "-h" for "--help".
    - sort and indent libc function list for easier review.
  * Makefile: retain newlines when generating libc function list.
 .
hardening-wrapper (2.0) unstable; urgency=low
 .
  * hardening-check: add color, based on a patch from Simon Ruderich.
  * hardening-check: fix lintian tag for non-PIE ELF to "no-pie".
  * debian/rules, debian/hardening-wrapper.{prerm,postinst}: add gcc-4.7
    to the diversion list (Closes: 666520).
  * debian/control:
    - fix Vcs-Browser link for loggerhead (Closes: 664495).
    - add Multiarch tag to hardening-includes (Closes: 666471).
  * Makefile, debian/*: convert to dh(1).
  * hardening-check: generate list of libc functions at build time.
  * hardening-check, tests/Makefile.common: add support for scanning
    object archives for stack-protector and fortify (Closes: 664862).
 .
hardening-wrapper (1.36) unstable; urgency=low
 .
  * hardening-check: fix function-finder to accept IFUNC too, improve
    reporting slightly, improve manpage to explain false alarms.
 .
hardening-wrapper (1.35) unstable; urgency=low
 .
  * debian/control: switch to "optional" priority so lintian can depend
    on hardening-includes.
  * hardening-check: rewrite in Perl, add "--lintian" mode, to support
    fixing bug 650536.
 .
hardening-wrapper (1.34) unstable; urgency=low
 .
  * debian/control: update VCS tags for bzr.
  * hardening{-check,.make}: correct documentation from -O2 to -O1.
  * hardened-{cc,ld}, hardening.make, debian/rules: use DEB_HOST_ARCH instead
    of of DEB_HOST_ARCH_CPU for behavioral defaults (Closes: 635642).
 .
hardening-wrapper (1.33) unstable; urgency=low
 .
  * debian/control:
    - bump to standards 3.9.2; no changes needed
    - hardening-wrapper: mark as Multi-Arch: foreign for build sanity.
  * debian/source/format: mark as 3.0 native.
 .
hardening-wrapper (1.32) unstable; urgency=low
 .
  * debian/rules, debian/hardening-wrapper.{prerm,preinst,postinst}:
    remove gcc-4.1 diversions since it has been removed from unstable.
  * hardened-cc, hardening.make: add "-Werror=format-security" by default
    (Closes: #587358).
  * tests/Makefile.common, tests/format.c: add test for newly added
    "-Werror=format-security" default option.
  * hardened-cc, hardening.make: add "--param ssp-buffer-size=4" by
    default to catch smaller character arrays.
  * tests/Makefile.common, tests/ssp-buffer-size-{protect,skip}.c:
    add tests for newly added "--param ssp-buffer-size=4" default.
  * debian/README.Debian: updated to include newly added options.
  * hardened-cc: disable -fstack-protector when -ffreestanding used.
  * hardening.make: provide examples for working around build-time
    collisions between "-fPIE" and "-fPIC" (Closes: #596150).
 .
hardening-wrapper (1.31) unstable; urgency=low
 .
  * tests/Makefile.common: do not require @@GLIBC suffix for nm tests.
  * tests/Makefile.wrapper: include symlink for ld.gold testing.
  * hardening-check: improve hardening-check to parse BIND_NOW also from
    the FLAGS dynamic section.
 .
hardening-wrapper (1.30) unstable; urgency=low
 .
  * debian/README.Debian: update for gcc versions, include minimal
    notes on hardening-includes (Closes: 592847, 592846).
  * debian/rules, debian/hardening-wrapper.{prerm,postinst}: add gcc-4.6
    to the diversion list.
  * debian/control: remove binutils-multiarch conflict now that ld.bfd
    is no longer diverted.


Override entries for your package:

Announcing to debian-backports-changes@lists.debian.org


Your package contains new components which requires manual editing of
the override file.  It is ok otherwise, so please be patient.  New
packages are usually added to the override file about once a week.

You may have gotten the distribution wrong.  You'll get warnings above
if files already exist in other distributions.
ll get warnings above
if files already exist in other distributions.

Reply to:

Prev by Date: Processing of hardening-wrapper_2.1~bpo60+1_amd64.changes
Next by Date: Processing of puppet_2.7.13-1~bpo60+1_amd64.changes
Previous by thread: Processing of hardening-wrapper_2.1~bpo60+1_amd64.changes
Next by thread: Processing of puppet_2.7.13-1~bpo60+1_amd64.changes
Index(es):
- Date
- Thread