Your message dated Mon, 18 Dec 2023 03:19:32 +0000
with message-id <e1rf4ag-004wvr...@fasolo.debian.org>
and subject line Bug#1040062: fixed in dpkg 1.22.2
has caused the Debian Bug report #1040062,
regarding dpkg-dev: Please drop pie-{compile,link}.spec
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1040062: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040062
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dpkg-dev
Version: 1.21.22
Severity: normal
X-Debbugs-Cc: debian-al...@lists.debian.org, debian-i...@lists.debian.org

[ Cc set to debian-alpha@ and debian-ia64@ since they are most affected ]

Since stretch all release architectures are using PIE by default,
and all future release architectures (including riscv64) will also
use PIE by default.

Many packages in Debian are building with hardening=+all, and the
effect regarding PIE is "enable PIE for this package on some obscure
ports architectures that don't have it enabled by default" which is
unlikely to be what the maintainer intended.

There are also some pre-stretch "hardening=+pie" left
in some packages.

There are some problems with this:


1. PIE should either be default or not be used

I suspect x32 might be able to default to PIE without problems
(there might just not be enough interest left to change the default).

On alpha the toolchain has already become quite brittle
with frequent issues like (reproducible) linker segfaults;
any variations that affect the toolchain are bad.

It is for the port maintainers to decide whether or not PIE
is considered stable on a port, and accordingly either make
it default (which also avoids the other issues below) or not.

It is clear that a non-PIE architecture would no longer be
considered suitable as release architecture.


2. It causes weird issues on undersupported architectures

gluegen2 passes LDFLAGS to ld instead of gcc.

Several packages have relocation errors only on affected
architectures.

...

Such issues could be debugged and fixed, but in practice
trying to handle such issues that happen only with
pie-{compile,link}.spec creates additional work that frustrates
the few people keeping these non-release architectures alive.

The lowest effort fix would be to patch debian/rules of affected
packages to disable hardening=+pie on affected architectures,
but that would still be spending time on working around a problem
that shouldn't exist.


3. It breaks some cases of static linking

Linking a package with hardening=+all against a static library
from a package not using hardening=+all cannot work on the
affected architectures.

Static linking is relatively rare, but I remember requesting binNMUs
for static linking cases to fix FTBFS on release architectures when
the default changed before stretch.


Please drop pie-{compile,link}.spec, on the architectures
where it has any effect it is doing more harm than good.

Thanks

--- End Message ---
--- Begin Message ---
Source: dpkg
Source-Version: 1.22.2
Done: Guillem Jover <guil...@debian.org>

We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1040...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover <guil...@debian.org> (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Dec 2023 03:37:08 +0100
Source: dpkg
Architecture: source
Version: 1.22.2
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers <debian-d...@lists.debian.org>
Changed-By: Guillem Jover <guil...@debian.org>
Closes: 1040062 1055536 1058631 1058637
Changes:
 dpkg (1.22.2) unstable; urgency=medium
 .
   [ Guillem Jover ]
   * dpkg-shlibdeps: Do not require debian/control when parsing CLI options.
     Closes: #1055536
   * Architecture support:
     - Remove arm64ilp32 support.
       See https://lists.debian.org/debian-dpkg/2023/11/msg00007.html.
     - Remove uclinux support.
       See https://lists.debian.org/debian-dpkg/2023/11/msg00012.html.
     - Remove knetbsd-any support.
     - Restrict kfreebsd ports to amd64 and i386.
     - Restrict kopensolaris ports to amd64 and i386.
     - Restrict hurd ports to amd64 and i386.
     - Restrict dragonflybsd ports to amd64.
     - Restrict aix ports to powerpc and ppc64.
     - Restrict solaris ports to amd64, i386, sparc and sparc64.
     - Restrict darwin ports to amd64, arm, arm64, i386, powerpc and ppc64.
     - Restrict freebsd ports to amd64, arm, arm64, i386, powerpc, ppc64, riscv.
     - Split tupletable header names description into two paragraphs.
   * Perl modules:
     - Dpkg::OpenPGP::Backend::Sequoia: Switch to use --signer-file.
     - Dpkg::Vendor::Debian: Mask PIE for alpha and ia64. Closes: #1040062
     - Dpkg::Control::Types: Add aliases for type enumerations.
   * Documentation:
     - man: Add dpkg-build-api behavior for Rules-Requires-Root field defaults.
     - man: Improve description for dpkg-build-api v1 items.
     - doc, man: Clarify terminology for Debian control files.
   * Code internals:
     - libcompat: Disable VLA usage for gettext.h.
     - libdpkg: Remove dead code after non-returning error function call.
     - libdpkg: Mark varbuf constructor as explicit.
     - Reduce variables scope.
     - update-alternatives: Wrap the bad_format() function pointer call into a
       new function.
     - start-stop-daemon: Rename local variables shadowing global info()
       function name.
     - libdpkg: Add underscore after NO to FHFF_NONEW and FHFF_NOCOPY enum
       values.
     - Use FHFF_NONE instead of a literal 0 in calls to fsys_hash_find_node().
       Reported by Alexandre Detiste <alexandre.deti...@gmail.com>.
     - dpkg-split: Change heading print logic to use a proper boolean.
     - dpkg-shlibdeps: Defer add_library_dir() calls after option parsing.
     - libdpkg: Remove unused DEFAULTSHELL and DEFAULTPAGER macros.
     - dpkg-buildapi: Do not include newline in Usage text to be translated.
   * Build system:
     - Check whether we need to link against libtinfo explicitly.
     - Add support for structured procfs via struct psinfo.
     - Replace action-if-found with : for extra libselinux check.
     - Check and print sizeof off_t and time_t on the configure summary.
   * Packaging:
     - Use installtest instead of test target in autopkgtests.
   * Test suite:
     - Reorder check on whether pkg is NULL.
     - Split and sort cppcheck arguments to be one per line.
     - Remove unused cppcheck suppressions.
     - Improve cppcheck coverage.
     - Pass -I<builddir> to cppcheck instead of «.» if <builddir> is defined.
   * Localization:
     - Update Catalan translations.
     - Update Dutch translations.
       Thanks to Frans Spiesschaert <frans.spiesscha...@yucom.be>.
       Closes: #1058631, #1058637
 .
   [ Helge Kreutzmann ]
   * Localization:
     - Update German man pages translation.
     - Update German scripts translation.

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
