[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-devel
Subject: Re: Lintian warning: hardening-no-fortify-functions & version numbering
From: Andrey Rahmatullin <wrar () wrar ! name>
Date: 2012-06-19 14:10:34
Message-ID: 20120619141034.GG5754 () belkar ! wrar ! name
[Download RAW message or body]
On Tue, Jun 19, 2012 at 04:04:31PM +0200, José Luis Segura Lucas wrote:
> I have read the output of lintian-info -t about
> hardening-no-fortify-functions, and it helps a lot. The software uses
> Cmake as build tool, and the "hardening-wrapper" solution solved some
> lintian warnings, but not the latest one.
Why do you need hardening-wrapper? You should use flags set by
dpkg-buildflags.
> I have looked at the buld logs, and I can see that the CPPFLAGS
> "-D_FORTIFY_SOURCE=2" is included in all the compiler calls, but the
> warning is still present.
>
> What's the problem with this?
You should read http://bugs.debian.org/673112 mentioned in the lintian tag
description and use hardening-check --verbose on binaries reported. If
only memcpy and memmove are printed by hardening-check, you should ignore
the warning.
> My another question is about the version numbering: the software is
> still in development and they make a new minor version each week
> (approximately). Sometimes I need to package something that is in their
> repository but not still in a numbered version, so, I tried to use the
> latest known version and add a ~TIMESTAMPgit... to the minor version
> number, but debuild warns me about the version 0.1.0~2012......git-1 is
> less than 0.1.0.
That's right, 0.1.0~2012......git-1 is less than 0.1.0. If you need
versions that are greater than 0.1.0, use + instead of ~.
> The latest thing is that I have seen several packages with ~TIMESTAMP
> (screen, by example): they add a alpha-numeric string after the "git"
> word... what does it mean?
git-describe(1)
> Where can I found some information about packaging directly from VCS?
file:///usr/share/doc/git-buildpackage/manual-html/gbp.import.html#GBP.IMPORT.UPSTREAM-GIT
(if you use git-buildpackage)
--
WBR, wRAR
["signature.asc" (application/pgp-signature)]
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120619141034.GG5754@belkar.wrar.name
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic