Your message dated Fri, 03 Feb 2012 10:03:51 +0000
with message-id <[email protected]>
and subject line Bug#654833: fixed in pound 2.6-2
has caused the Debian Bug report #654833,
regarding Switch to dpkg-buildflags
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
654833: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654833
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: pound
Severity: normal
Tags: patch
Pound already uses hardened build flags for quite some time.
dpkg-buildflags now emits hardened build flags. Please switch
to it. Patch attached.
Cheers,
Moritz
--- pound-2.5.orig/debian/rules 2011-12-15 16:45:25.000000000 +0100
+++ pound-2.5/debian/rules 2012-01-06 01:19:34.000000000 +0100
@@ -10,29 +10,15 @@
CONFFLAGS += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE)
endif
-ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS)))
- CFLAGS += -g
-endif
-ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
- CFLAGS += -O0
-else
- CFLAGS += -O2
- CFLAGS += -D_FORTIFY_SOURCE=2
-endif
ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
INSTALL_PROGRAM += -s
endif
-ifneq ($(DEB_HOST_GNU_CPU),arm)
- CFLAGS += -fstack-protector
-endif
-CFLAGS += -fPIE
-LDFLAGS += -Wl,-z,relro,-z,noexecstack -pie
config.status: configure
dh_testdir
mv config.sub config.sub.upstream && ln -s /usr/share/misc/config.sub
mv config.guess config.guess.upstream && ln -s /usr/share/misc/config.guess
- env LDFLAGS="$(LDFLAGS)" CFLAGS="$(CFLAGS)" ./configure --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --sysconfdir=/etc/pound
+ ./configure $(shell dpkg-buildflags --export=configure) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --sysconfdir=/etc/pound
rm config.sub && mv config.sub.upstream config.sub
rm config.guess && mv config.guess.upstream config.guess
--- End Message ---
--- Begin Message ---
Source: pound
Source-Version: 2.6-2
We believe that the bug you reported is fixed in the latest version of
pound, which is due to be installed in the Debian FTP archive:
pound_2.6-2.debian.tar.gz
to main/p/pound/pound_2.6-2.debian.tar.gz
pound_2.6-2.dsc
to main/p/pound/pound_2.6-2.dsc
pound_2.6-2_amd64.deb
to main/p/pound/pound_2.6-2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Martin Meredith <[email protected]> (supplier of updated pound package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 03 Feb 2012 09:40:45 +0000
Source: pound
Binary: pound
Architecture: source amd64
Version: 2.6-2
Distribution: unstable
Urgency: low
Maintainer: Martin Meredith <[email protected]>
Changed-By: Martin Meredith <[email protected]>
Description:
pound - reverse proxy, load balancer and HTTPS front-end for Web servers
Closes: 654833
Changes:
pound (2.6-2) unstable; urgency=low
.
* Update anti_beast patch
- Actually authored by Joe Gooch <[email protected]>
- Fix segfault on some systems
* Added patch to fix XSS redirect vulnerability
- Patch from Joe Gooch <[email protected]>
* Switched to dpkg-buildflags (Closes: #654833)
- Patch from Moritz Muehlenhoff <[email protected]>
Checksums-Sha1:
dd3e9c86787bd411ae5090df32fc8e3ce19a6bab 1712 pound_2.6-2.dsc
8ff290c5d6ed20641e3714356f82b2e9157cf684 11561 pound_2.6-2.debian.tar.gz
49ea7bf50fa9de04c1943d67ee39ce662a2c529b 111514 pound_2.6-2_amd64.deb
Checksums-Sha256:
65b80067d45644f3aa061fcf431123dfccc037ca6c1ee47656208c49793ccd13 1712
pound_2.6-2.dsc
6977da51d950d02818aa839a7455ad57625f79428630b92cfa174f12c6eeaaa0 11561
pound_2.6-2.debian.tar.gz
305f719c0e6c7d5c7435d1f4d2e74df19b2bda48a85db701eafd551492e757c6 111514
pound_2.6-2_amd64.deb
Files:
3e714470da245bb44eef38ba03473786 1712 net extra pound_2.6-2.dsc
2ae25c08e341d5b3eb1aa0b576b33f03 11561 net extra pound_2.6-2.debian.tar.gz
4ec99b30cdd5c51ca5b87a81c19c98ba 111514 net extra pound_2.6-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJPK6/pAAoJECr71n/RM6xu+M8P/2labG3lbQjRfzORiTgF5GPu
1+Seg3vnLrmiBu9pJ00MW4JI7u80TLYb7ZZXzsujfR8tnXn8XIokB5Ei0VaE0dpB
ju29Jnx1B6tNOucY5QiaIQ4+K8x/t53PyMzmzyLGWXMZJ5NysSm8/Y6ZsHZm8UMs
uProg/U05S563VZ0AA6PeofVxBegjJ4dbAFdTBuD4JqH+aGhspiTIeuwuGfL4Kln
i9EqxDQ8qYbqKfmsy/dNEBj+7IsQxy0phtQvPrRDmh+bSGqMu0SDMWviz+ahow1l
n/hRkZrnjCfYDKOKyKlln9hdXwpZsmG4Gpk6zR7AZDi3LBz6zsHBiW7ZQg/tmyN1
WmzWNVBWq16SeA+tXH7XWMxzAhQ5sAJFaDNWDfY19NLzOuDxZJaXK27cJG/Lguf1
2rVLgvtgOQOE03Oj0MR9+1UokWntEGLSs2OJLWqfDojZMP153OoB9odst3cQuz4g
YtaIdsrhmGcHUlP2kR/MBOvauJZM4tjrl6a4QxbwrBieIXoTpX0h/Xz+SozfLLug
6I7tnbQY1PF0DfkOg8G1JyLJXpHusLiOuOsBe4bcK1NX4KG7Jbrh2DnFyVmYurGu
9TNzSkM/I/1nHUSEwOHf/G7iubg+m8Imie2zWFnTRvPPZfqNYyonTsnUHgaV8hVO
joLCYC+aEx8zO6WNeo3G
=pRtU
-----END PGP SIGNATURE-----
--- End Message ---
