[Pkg-security-team] [t50] 02/05: Remove -pie explicit flag It is already passed as hardening+=all.

Subject: [Pkg-security-team] [t50] 02/05: Remove -pie explicit flag It is already passed as hardening+=all.
From: samueloph@gmail.com (Samuel Henrique)
Date: Fri, 26 Aug 2016 09:44:42 -0300
Message-id: <[🔎] CABwkT9oH33vkej7QjO=ODhwfxeqSouFbL-FwwLhxuMeWL1iSKg@mail.gmail.com>
In-reply-to: <[🔎] 6f4a274a-8957-818a-cd4f-3157ef6164c3@yahoo.es>
References: <20160826021847.6065.40078@moszumanska.debian.org> <E1bd6jI-0001bQ-3u@moszumanska.debian.org> <[🔎] 20160826071823.refy6owe7gigfapq@home.ouaza.com> <[🔎] 6f4a274a-8957-818a-cd4f-3157ef6164c3@yahoo.es>

?Hi all,?

2016-08-26 4:18 GMT-03:00 Raphael Hertzog <hertzog at debian.org>:

> Please respect the git conventions to format git commit logs.
> One line summary. One empty line. Then a long description.
>

?Sorry, will follow this on the next commits, thanks for warning me.?

?Then I believe this commit to be wrong, or at least your description is
> wrong.
>
> "-pie" disables -fPIE while "+all" enables it... so it's not redundant,
> that was the correct syntax to say "enable everything except -fPIE".
>
> But if it works with -fPIE then there's no reason to disable it for sure.
> I did not check that.?
>
?
Yeah, the commit description is wrong, -fPIE would work because the CFLAGS
were being reset on configure.ac ("CFLAGS=") instead of associating with
previously passed flags ("CFLAGS+=").

?2016-08-26 5:54 GMT-03:00 Marcos Fouces <mfouces at yahoo.es>:

> When i first packaged t50, i needed to disable -pie flag because it
> triggered a compilation error and i wasn't able to build the sources with
> all the hardening flags (with just hardening=+all). As Rapha?l points out,
> this is the opposite of you believe.
>
> Anyway, you did a good move adapting my patch not to include the -g flag
> but to get rid of other CPU specific artifacts. I just build the package
> and it seems to be fine.
>
> I updated the changelog to reflect your work in a new revision and added a
> missing comma in control file.
>
> IMHO, it worths a new upload in order to check if it builds on more
> architectures.
>
> Thanks for your help!
>


I believe the above explains the -pie flag problem, i agreed we need a new
t50 upload, Raphael, can you do that for us?
I see that i missed a comma on the control file and you fixed for me,
thanks a lot!
?
Samuel Henrique O. P. [samueloph]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20160826/99310eb9/attachment.html>

Reply to:

References:
- [Pkg-security-team] [t50] 02/05: Remove -pie explicit flag It is already passed as hardening+=all.
  - From: hertzog@debian.org (Raphael Hertzog)
- [Pkg-security-team] [t50] 02/05: Remove -pie explicit flag It is already passed as hardening+=all.
  - From: mfouces@yahoo.es (Marcos Fouces)

Prev by Date: [Pkg-security-team] braa_0.82-2_amd64.changes ACCEPTED into unstable, unstable
Next by Date: [Pkg-security-team] Some problems with T50 packaging
Previous by thread: [Pkg-security-team] [t50] 02/05: Remove -pie explicit flag It is already passed as hardening+=all.
Next by thread: [Pkg-security-team] doona_0.7+git20131211-1_amd64.changes ACCEPTED into unstable, unstable
Index(es):
- Date
- Thread