Your message dated Fri, 10 Feb 2012 03:32:20 +0000
with message-id <[email protected]>
and subject line Bug#646343: fixed in dlume 0.2.4-9
has caused the Debian Bug report #646343,
regarding leafpad: FTBFS with -Werror=format-security
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
646343: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646343
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: leafpad
Version: 0.8.18.1-1
Severity: normal
User: [email protected]
Usertags: hardening-format-security hardening
the package leafpad fails to compile with the new hardened compiler
flags dpkg-buildflag outputs [0].
The problematic flag is: -Werror=format-security
See the ubuntu buildlog:
https://launchpadlibrarian.net/83144457/buildlog_ubuntu-precise-i386.leafpad_0.8.18.1-1_FAILEDTOBUILD.txt.gz
Snippet:
gcc -DHAVE_CONFIG_H -I. -I.. -DICONDIR=\"/usr/share/pixmaps\"
-D_FORTIFY_SOURCE=2 -pthread -I/usr/include/gtk-2.0
-I/usr/lib/x86_64-linux-gnu/gtk-2.0/include -I/usr/include/atk-1.0
-I/usr/include/gdk-pixbuf-2.0 -I/usr/include/pango-1.0
-I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng12
-I/usr/include/cairo -I/usr/include/gio-unix-2.0/
-I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -g -O2
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -Wall -c -o leafpad-dialog.o `test -f 'dialog.c'
|| echo './'`dialog.c
dialog.c: In function 'run_dialog_message':
dialog.c:39:3: error: format not a string literal and no format
arguments [-Werror=format-security]
dialog.c: In function 'create_dialog_message_question':
dialog.c:64:3: error: format not a string literal and no format
arguments [-Werror=format-security]
cc1: some warnings being treated as errors
The buildflags are not exported in debian, but can be enabled e.g. by
adding this to debian/rules:
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
Please fix the issues and maybe also enable the hardened build in debian.
[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: dlume
Source-Version: 0.2.4-9
We believe that the bug you reported is fixed in the latest version of
dlume, which is due to be installed in the Debian FTP archive:
dlume_0.2.4-9.debian.tar.gz
to main/d/dlume/dlume_0.2.4-9.debian.tar.gz
dlume_0.2.4-9.dsc
to main/d/dlume/dlume_0.2.4-9.dsc
dlume_0.2.4-9_amd64.deb
to main/d/dlume/dlume_0.2.4-9_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jari Aalto <[email protected]> (supplier of updated dlume package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 08 Feb 2012 15:02:33 -0500
Source: dlume
Binary: dlume
Architecture: source amd64
Version: 0.2.4-9
Distribution: unstable
Urgency: low
Maintainer: Jari Aalto <[email protected]>
Changed-By: Jari Aalto <[email protected]>
Description:
dlume - simple and easy to use addressbook (GTK+)
Closes: 646343
Changes:
dlume (0.2.4-9) unstable; urgency=low
.
* debian/compat
- Update to 9
* debian/control
- (Build-Depends): update to debhelper 9, dpkg-dev 1.16.1.
* debian/patches
- (50): Refresh. Fix code for gcc hardened format specifiers.
* debian/rules
- Use hardened CFLAGS (FTBFS; Closes: #646343).
http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
Checksums-Sha1:
1ba278a0f7bc10c44ecb5085383a6811e324ceef 1885 dlume_0.2.4-9.dsc
e8ef6c7471a9194ca2bb2ca89fa26ce55ca349c3 15354 dlume_0.2.4-9.debian.tar.gz
dbc33612c34b7cbbd9e088bd97136411e33aa454 132600 dlume_0.2.4-9_amd64.deb
Checksums-Sha256:
a7447962d1b8c078460dc35f40e41838a083cc4c2c9e15454ea3e1d5c0b6d6d2 1885
dlume_0.2.4-9.dsc
f28322a9054615a9643cc2236ee8348f147d3908bfafc2aab5e4cd668b4ef8f7 15354
dlume_0.2.4-9.debian.tar.gz
c115641e542f0b29f6c4a55631e1f75683f3cfadc60604ef5cee03ef53694564 132600
dlume_0.2.4-9_amd64.deb
Files:
0f2f760ee679a5bd024e4898928d55ec 1885 utils optional dlume_0.2.4-9.dsc
b0efa9eeff8edf383b5d46b4508181c8 15354 utils optional
dlume_0.2.4-9.debian.tar.gz
7ca2079c02987b753417e96408573c35 132600 utils optional dlume_0.2.4-9_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBAgAGBQJPNI5mAAoJECHSBYmXSz6Wz18QANo7U6WV/VXE/TWDRPiO6SRq
nASb2SZCw3DJmU4zOJ/QyNieOffIBV+J6UpvFB8q8ZVXxTjajR2PE9BZxOrAtato
9n2zdkWoVvuZ1Cb7e9ElSu3wompQHkbW1sVNJAAw21oRkQQjHVTE1NHZX9qHnGE/
HBQUt5oZ3QD2anKaRgc80fLe9bGBQInvvltQ4yd4YOH3QYAruGQrs+GF1qrAbJsy
j6h1jzDW/+DYlrQ8SvZLVW0TVg4EkNysM7XR3IfUSGfg5DYGBSZMfDiVDE7HQC9h
BOYthhislAThMF98L1S6F3ksaMgjSaXGsYcurHi5IwIYW9GMhNkaS7UmSNUd+QD8
8zdj6fj4N1Kc2f5I3VPl4ivevLYewmYEzBGMcsHqh7pWQfpM2o1JT4f4LmY9DxGU
uSpkEsxwEprYOwkvExr064Di9CuAlQC8VbdQ1EtrHRzGP/Ow/4TCI+u2Ggpdebnn
HRbM2bd2b9oXsCOMGxyjcPpzdff9z1p69AYqpT+KjCfhJpTdvRZmOOyzOl2EQ7GM
NfetURFBn7jkBIkyr9TukFIcM3Q3G7oc3N7SQAp3DItStlXYVN4q2AflCg3AcPaL
r8bSChBBza63vlWYML7IWCO5sMGru9woCjHpXfbt9Z1elW/o94RuF6rPO0nx249h
e5f7SM+J4RwMjwudqeM5
=uxl/
-----END PGP SIGNATURE-----
--- End Message ---
