Bug#831694: RFS: shadowsocks-libev/2.4.7+20160630+ds-3 -- lightweight and secure socks5 proxy
On 07/18/2016 05:40 PM, Roger Shimizu wrote:
> On Tue, Jul 19, 2016 at 12:21 AM, Christian Seiler <christian@iwakd.de> wrote:
>> Please don't disable the SSP unconditionally, because it's a useful
>> defense-in-depth strategy. Especially since you are packaging a
>> network service, I would really recommend not doing that.
>
> My bad on wording of changelog.
> Actually it means turn off the broken hardening by upstream, and only
> use hardening by Debian (from dpkg-buildflags)
> So this change won't lower the security check.
Then everything's fine w.r.t. hardening. :-)
I would still recommend you disable -Werror though, in order to
not run into trouble at some later point in time. (As I said:
-Werror is really useful if you're developing the software, but
it should IMHO never be used for production builds.) But it's
not urgent to do so, especially if you plan on uploading newer
versions soon anyway.
>> [0004/0005 patches]
> Indeed.
> This makes more clear.
> I'll update the changelog entry on next release.
Great! :)
Regards,
Christian
(who will take a look at the package because it sounds really
interesting)
Reply to: