At this point in the release process, I really think upgrading with _FORTIFY_SOURCE disabled is the correct fix. Just increasing a buffer size is usually not a good idea; that's the sort of change that can paper over a deeper problem without actually solving it, just temporarily hiding it. At the least, I think it would require more testing than we would be able to do at this point.
My recommendation is to apply the change suggested in the bug log to disable _FORTIFY_SOURCE for the wheezy release, and then, post-wheezy, upload the package with _FORTIFY_SOURCE enabled and possibly with the buffer size increased (maybe after discussion with upstream). Does that sound like the right move? Would it be helpful for someone to assist with an NMU? -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org