Bug#702306: marked as done (unblock: puredata/0.43.2-5)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Tue, 05 Mar 2013 13:14:51 +0100
with message-id <5135E1BB.1000500@thykier.net>
and subject line Re: Bug#702306: unblock: puredata/0.43.2-5
has caused the Debian Bug report #702306,
regarding unblock: puredata/0.43.2-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
702306: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702306
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: puredata/0.43.2-5
• From: Russ Allbery <rra@debian.org>
• Date: Mon, 04 Mar 2013 15:22:32 -0800
• Message-id: <[🔎] 20130304232232.24940.35587.reportbug@windlord.stanford.edu>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package puredata to fix RC bug #690410.

As discussed in the bug log, the upstream source does strange things
with buffers that cause crashes when built with _FORTIFY_SOURCE.  This
is probably an upstream bug, but this package isn't security-critical
and _FORTIFY_SOURCE isn't yet an archive requirement, so take the path
of least resistance for the wheezy release and disable it for now.

unblock puredata/0.43.2-5

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru puredata-0.43.2/debian/changelog puredata-0.43.2/debian/changelog
--- puredata-0.43.2/debian/changelog	2012-06-21 00:46:39.000000000 -0700
+++ puredata-0.43.2/debian/changelog	2013-03-04 15:15:27.000000000 -0800
@@ -1,3 +1,10 @@
+puredata (0.43.2-5) unstable; urgency=low
+
+  * Disabled FORTIFY_SOURCE for now (Closes: #690410)
+  * Added lintian-overrides due to FORTIFY_SOURCE removal
+
+ -- IOhannes m zmoelnig (gpg-key at iem) <zmoelnig@iem.at>  Mon, 04 Mar 2013 18:05:15 +0100
+
 puredata (0.43.2-4) unstable; urgency=low
 
   * Fixed out-of-bounds table access (Closes: #678306)
diff -Nru puredata-0.43.2/debian/puredata-core.lintian-overrides puredata-0.43.2/debian/puredata-core.lintian-overrides
--- puredata-0.43.2/debian/puredata-core.lintian-overrides	1969-12-31 16:00:00.000000000 -0800
+++ puredata-0.43.2/debian/puredata-core.lintian-overrides	2013-03-04 15:15:27.000000000 -0800
@@ -0,0 +1,3 @@
+## FORTIFY_SOURCE triggers spurious crashes
+## so it's disabled for now
+puredata-core: hardening-no-fortify-functions
diff -Nru puredata-0.43.2/debian/puredata-extra.lintian-overrides puredata-0.43.2/debian/puredata-extra.lintian-overrides
--- puredata-0.43.2/debian/puredata-extra.lintian-overrides	1969-12-31 16:00:00.000000000 -0800
+++ puredata-0.43.2/debian/puredata-extra.lintian-overrides	2013-03-04 15:15:27.000000000 -0800
@@ -0,0 +1,3 @@
+## FORTIFY_SOURCE triggers spurious crashes
+## so it's disabled for now
+puredata-extra: hardening-no-fortify-functions
diff -Nru puredata-0.43.2/debian/puredata-utils.lintian-overrides puredata-0.43.2/debian/puredata-utils.lintian-overrides
--- puredata-0.43.2/debian/puredata-utils.lintian-overrides	1969-12-31 16:00:00.000000000 -0800
+++ puredata-0.43.2/debian/puredata-utils.lintian-overrides	2013-03-04 15:15:27.000000000 -0800
@@ -0,0 +1,3 @@
+## FORTIFY_SOURCE triggers spurious crashes
+## so it's disabled for now
+puredata-utils: hardening-no-fortify-functions
diff -Nru puredata-0.43.2/debian/rules puredata-0.43.2/debian/rules
--- puredata-0.43.2/debian/rules	2012-06-11 03:27:53.000000000 -0700
+++ puredata-0.43.2/debian/rules	2013-03-04 15:15:27.000000000 -0800
@@ -1,8 +1,10 @@
 #!/usr/bin/make -f
 # -*- makefile -*-
 
-## use hardening flags
+## use hardening some flags
 DPKG_EXPORT_BUILDFLAGS = 1
+DEB_BUILD_MAINT_OPTIONS=hardening=+format,-fortify,+stackprotector,+relro
+export DEB_BUILD_MAINT_OPTIONS
 include /usr/share/dpkg/buildflags.mk
 
 ## only link what is needed
@@ -70,4 +72,3 @@
 
 override_dh_compress:
 	dh_compress -X.pd -X.wav -X.aiff -X.txt
-

--- End Message ---

--- Begin Message ---

• To: Russ Allbery <rra@debian.org>, 702306-done@bugs.debian.org
• Subject: Re: Bug#702306: unblock: puredata/0.43.2-5
• From: Niels Thykier <niels@thykier.net>
• Date: Tue, 05 Mar 2013 13:14:51 +0100
• Message-id: <5135E1BB.1000500@thykier.net>
• In-reply-to: <[🔎] 20130304232232.24940.35587.reportbug@windlord.stanford.edu>
• References: <[🔎] 20130304232232.24940.35587.reportbug@windlord.stanford.edu>

On 2013-03-05 00:22, Russ Allbery wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package puredata to fix RC bug #690410.
> 
> As discussed in the bug log, the upstream source does strange things
> with buffers that cause crashes when built with _FORTIFY_SOURCE.  This
> is probably an upstream bug, but this package isn't security-critical
> and _FORTIFY_SOURCE isn't yet an archive requirement, so take the path
> of least resistance for the wheezy release and disable it for now.
> 
> unblock puredata/0.43.2-5
> 
> [...]

Unblocked, thanks.

~Niels

--- End Message ---