Bug#552688: Please decide how Debian should enable hardening build flags
[sorry for breaking the thread]
Raphael Hertzog wrote:
> Can you do the work of collecting those statistics? Tollef has access
> to a big machine where building all package takes 14h. Roger Leigh used
> it for that kind of research.
> Maybe you can do the rebuild without -Werror=format-security and just grep
> the log to find out those that would fail.
This was already done back at DC10 and the outcome was 8 packages FTBFS.
However, taking a further look at them now, it looks like the rebuild was not
done as intended and only packages using h-w were influenced by the new flag.
If the flag is disabled then I think it is pointless to enable -Wformat and -
Wformat-security, as I stated in #587358.
 quagga, bist, grap, robodoc, nast, rtpproxy, strongswan, zoem
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net