[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ubuntu-devel-discuss
Subject:    Bug#859357: choreonoid shouldn't disable PIE
From:       Adrian Bunk <bunk () debian ! org>
Date:       2017-04-02 18:56:27
Message-ID: 149115938745.30890.17362121626085074058.reportbug () localhost
[Download RAW message or body]

Source: choreonoid
Version: 1.5.0+dfsg-0.1
Severity: normal
Tags: patch

With gcc in stretch defaulting to PIE, hardening=+all,-pie changed
semantics from "enable hardening but not PIE" to "enable all hardening
and explicitely disable the default PIE".
The latter is usually not intended.

The -pie in hardening flags was in some cases required in pre-stretch
releases to avoid build failures caused by (incorrectly) passing -fPIE
to the compiler when building shared libraries or plugins.
This problem does no longer exist.

Please consider applying the following change:

--- debian/rules.old	2017-04-02 18:35:57.000000000 +0000
+++ debian/rules	2017-04-02 18:36:10.000000000 +0000
@@ -2,7 +2,7 @@
 # -*- makefile -*-
 
 # Hardening.
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie,+fortify
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all,+fortify
 
 CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS)
 CFLAGS:=$(shell dpkg-buildflags --get CFLAGS)

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
[prev in list] [next in list] [prev in thread] [next in thread]