Re: [RFC PATCH] dpkg-buildflags: Switch to -fstack-protector-strong

[Russ Allbery <rra@debian.org>]

Moritz Muehlenhoff <jmm@inutil.org> writes:
> On Tue, Jun 24, 2014 at 07:11:58AM -0700, Kees Cook wrote:

>> Though really hardening-wrapper should be deprecated for Jessie.

> I looked into it, but the number of packages using -wrapper or
> -includes is too large to do this realistically. Rather for
> jessie+1.

> I think we need a lintian check to gain some traction.

Speaking as one of the people maintaining a package that still uses
hardening-wrapper, some packages have build systems that are quite
difficult to patch to use packaging-provided compiler flags.  It's
definitely an upstream bug, but....

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>