Your message dated Wed, 29 Aug 2012 17:47:40 +0000
with message-id <[email protected]>
and subject line Bug#646262: fixed in gkrellm 2.3.5-4
has caused the Debian Bug report #646262,
regarding gkrellm: FTBFS with -Werror=format-security
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
646262: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646262
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gkrellm
Version: 2.3.5-3
Severity: normal
User: [email protected]
Usertags: hardening-format-security hardening
the package gkrellm fails to compile with the new hardened compiler flags
dpkg-buildflag outputs [0].
The problematic flag is: -Werror=format-security
See the ubuntu buildlog:
https://launchpadlibrarian.net/83135544/buildlog_ubuntu-precise-i386.gkrellm_2.3.5-3_FAILEDTOBUILD.txt.gz
Snippet:
cc -c -Wall -O2 `pkg-config --cflags glib-2.0 gthread-2.0` -I..
-I../shared -DGKRELLM_SERVER -DENABLE_NLS
-DLOCALEDIR=\"/usr/share/locale\" -g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -D_FORTIFY_SOURCE=2 main.c -o main.o
main.c: In function 'gkrellmd_syslog_log':
main.c:190:2: error: format not a string literal and no format arguments
[-Werror=format-security]
main.c: In function 'detach_from_terminal':
main.c:1101:7: warning: ignoring return value of 'chdir', declared with
attribute warn_unused_result [-Wunused-result]
cc1: some warnings being treated as errors
The buildflags are not exported in debian, but can be enabled e.g. by
adding this to debian/rules:
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
Please fix the issues and maybe also enable the hardened build in debian.
[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: gkrellm
Source-Version: 2.3.5-4
We believe that the bug you reported is fixed in the latest version of
gkrellm, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sandro Tosi <[email protected]> (supplier of updated gkrellm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 29 Aug 2012 19:33:47 +0200
Source: gkrellm
Binary: gkrellm gkrellmd
Architecture: source amd64
Version: 2.3.5-4
Distribution: experimental
Urgency: low
Maintainer: Sandro Tosi <[email protected]>
Changed-By: Sandro Tosi <[email protected]>
Description:
gkrellm - GNU Krell Monitors
gkrellmd - GNU Krell Monitors Server
Closes: 646262
Changes:
gkrellm (2.3.5-4) experimental; urgency=low
.
* debian/patches/06_bts646262_add_format_string_to_syslog_call.patch
- fix a FTBFS with hardening flags by using a proper format-string to
syslog() call; thanks to Julian Taylor for the report and to Stefan Gehn
for the patch; Closes: #646262
* debian/{control, compat}
- move to Debhelper 9, in particular to enable hardening flags
* debian/control
- bump Standards-Version to 3.9.3 (no changes needed)
Checksums-Sha1:
4d34c168cea0ca117f018178beb8f436dd1da805 1317 gkrellm_2.3.5-4.dsc
137ae1d1f1b9c0b0421b5625766a0d679611afd3 16417 gkrellm_2.3.5-4.debian.tar.gz
77ee2832a5b64d9af46112c273de605971d042df 836454 gkrellm_2.3.5-4_amd64.deb
9f32419cd1d9d004032e15329e376b94bfd3b673 120910 gkrellmd_2.3.5-4_amd64.deb
Checksums-Sha256:
325cf3937ed2feabc8f9400fd5423e709e7f7b9968c3e1946c094007d25bc812 1317
gkrellm_2.3.5-4.dsc
5029f6d7d17f7f83edf6138b925ff08d334a482a6c0e45bd4e1c369c84b864b7 16417
gkrellm_2.3.5-4.debian.tar.gz
caf82f6eafe374fedb05b4104625f33ab149189869982e56183aeba99341d70b 836454
gkrellm_2.3.5-4_amd64.deb
78bea3b559ad3e1e3099af096ce01f26146623632a024891c4ed6edabbf38ac8 120910
gkrellmd_2.3.5-4_amd64.deb
Files:
23df383fde8f560742c4c86606c19eba 1317 x11 optional gkrellm_2.3.5-4.dsc
1bf988ef1dce577dd2101040a3a9787b 16417 x11 optional
gkrellm_2.3.5-4.debian.tar.gz
3e59876ea45f3f3b468d2e9f906f9ada 836454 x11 optional gkrellm_2.3.5-4_amd64.deb
ea80f8d823b9bec77d78ff6626995572 120910 x11 optional gkrellmd_2.3.5-4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlA+VCAACgkQAukwV0RN2VCW7ACgkmg3jvW9RQy8tpy2AQMObmtX
UekAnRum3GsilhHGbVaUCM0j5WM1qDj6
=pLPB
-----END PGP SIGNATURE-----
--- End Message ---
