Bug#783232: release-notes: two comments about the security section

To: Moritz Muehlenhoff <jmm@inutil.org>, 783232@bugs.debian.org
Cc: Romain Francoise <rfrancoise@debian.org>, Debian Security Team <team@security.debian.org>
Subject: Bug#783232: release-notes: two comments about the security section
From: Niels Thykier <niels@thykier.net>
Date: Fri, 24 Apr 2015 22:11:14 +0200
Message-id: <[🔎] 553AA362.2090001@thykier.net>
Reply-to: Niels Thykier <niels@thykier.net>, 783232@bugs.debian.org
In-reply-to: <[🔎] 20150424160259.GA16551@inutil.org>
References: <[🔎] 87618llug7.fsf@orebokech.com> <[🔎] 553A5A0A.4000406@thykier.net> <[🔎] 20150424160259.GA16551@inutil.org>

Control: tags -1 - moreinfo

On 2015-04-24 18:02, Moritz Muehlenhoff wrote:
> [...]
> 
> These were in fact carried over from wheezy and Romain's comments
> are confirmed to be correct.
> 
> Cheers,
>         Moritz
> 

Thanks for confirming, I have devised the following patch (already
committed) for dealing with the hardening-wrapper part.

The kernel / symlink protection remains, which is why I have not tagged
this pending yet.

~Niels

>From 37641cf4a59da3f045de030477e9e9cab103a896 Mon Sep 17 00:00:00 2001
From: nthykier <nthykier@313b444b-1b9f-4f58-a734-7bb04f332e8d>
Date: Fri, 24 Apr 2015 20:09:35 +0000
Subject: [PATCH] Mark hardening-wrapper as deprected (see #783232)

Signed-off-by: Niels Thykier <niels@thykier.net>

git-svn-id: svn+ssh://svn.debian.org/svn/ddp/manuals/trunk/release-notes@10845 313b444b-1b9f-4f58-a734-7bb04f332e8d
---
 en/upgrading.dbk | 4 +++-
 en/whats-new.dbk | 4 +---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/en/upgrading.dbk b/en/upgrading.dbk
index e58aebf..8bf80a2 100644
--- a/en/upgrading.dbk
+++ b/en/upgrading.dbk
@@ -1374,7 +1374,9 @@ This includes the following features:
 
 <itemizedlist>
 	<listitem>
-		<para>
+		<para>The <systemitem
+		role="package">hardening-wrapper</systemitem> package
+		is deprecated and is expected to be removed in Stretch.
 		</para>
 	</listitem>
 </itemizedlist>
diff --git a/en/whats-new.dbk b/en/whats-new.dbk
index 36829ef..e0228d2 100644
--- a/en/whats-new.dbk
+++ b/en/whats-new.dbk
@@ -476,9 +476,7 @@ TODO: Need to include stuff from &lt;5447EC14.2070502@debian.org&gt;
   protector flag has been switched to stack-protector-strong for extra
   hardening.  Note that the hardened build flags are not enabled by
   default in <systemitem role="package">gcc</systemitem>, so they are
-  not used automatically when locally building software. The package
-  <systemitem role="package">hardening-wrapper</systemitem> can
-  provide a <systemitem>gcc</systemitem> with these flags enabled.
+  not used automatically when locally building software.
   </para>
 
   <para>New in this release is the <systemitem
-- 
2.1.4

Reply to:

References:
- Bug#783232: release-notes: two comments about the security section
  - From: Romain Francoise <rfrancoise@debian.org>
- Bug#783232: release-notes: two comments about the security section
  - From: Niels Thykier <niels@thykier.net>
- Bug#783232: release-notes: two comments about the security section
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Bug#783252: Document samba changes in regard to serving executable files to Windows clients
Next by Date: Processed: Re: Bug#783232: release-notes: two comments about the security section
Previous by thread: Bug#783232: release-notes: two comments about the security section
Next by thread: Processed: Re: Bug#783232: release-notes: two comments about the security section
Index(es):
- Date
- Thread