Re: [RFC PATCH] dpkg-buildflags: Switch to -fstack-protector-strong
Moritz Muehlenhoff <jmm@inutil.org> writes:
> On Tue, Jun 24, 2014 at 07:11:58AM -0700, Kees Cook wrote:
>> Though really hardening-wrapper should be deprecated for Jessie.
> I looked into it, but the number of packages using -wrapper or
> -includes is too large to do this realistically. Rather for
> jessie+1.
> I think we need a lintian check to gain some traction.
Speaking as one of the people maintaining a package that still uses
hardening-wrapper, some packages have build systems that are quite
difficult to patch to use packaging-provided compiler flags. It's
definitely an upstream bug, but....
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: