Your message dated Sat, 09 Jul 2016 16:28:03 +0000
with message-id <[email protected]>
and subject line Bug#823295: fixed in mutt 1.6.1-2
has caused the Debian Bug report #823295,
regarding mutt: Please add hardening feature to mutt's build
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
823295: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823295
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: mutt
Version: 1.6.0-1
Severity: important
Tags: patch
Attached patch enables hardening feature to debian/rules.
--
Elimar
>From 12451565fcca81736c508fc628fdace356e13143 Mon Sep 17 00:00:00 2001
From: Elimar Riesebieter <[email protected]>
Date: Tue, 3 May 2016 08:43:23 +0200
Subject: [PATCH] Added hardening to rules
---
debian/rules | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/debian/rules b/debian/rules
index 84c10f4..bbb8aa0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -3,6 +3,11 @@
include /usr/share/quilt/quilt.make
QUILT = QUILT_PATCHES=$(QUILT_PATCH_DIR) quilt --quiltrc /dev/null
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/buildflags.mk
+
###################### user serviceable parts ######################
###
@@ -78,10 +83,10 @@ ifneq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE))
endif
# CFLAGS
-CFLAGS = `dpkg-buildflags --get CFLAGS`
+# CFLAGS = `dpkg-buildflags --get CFLAGS`
CFLAGS += -Wall
-LDFLAGS = `dpkg-buildflags --get LDFLAGS`
-CPPFLAGS = `dpkg-buildflags --get CPPFLAGS`
+# LDFLAGS = `dpkg-buildflags --get LDFLAGS`
+# CPPFLAGS = `dpkg-buildflags --get CPPFLAGS`
CPPFLAGS += -I/usr/include/qdbm
# Directory to make the build on
--
2.8.1
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 1.6.1-2
We believe that the bug you reported is fixed in the latest version of
mutt, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Faidon Liambotis <[email protected]> (supplier of updated mutt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 09 Jul 2016 00:05:49 +0300
Source: mutt
Binary: mutt
Architecture: source
Version: 1.6.1-2
Distribution: experimental
Urgency: medium
Maintainer: Mutt maintainers <[email protected]>
Changed-By: Faidon Liambotis <[email protected]>
Description:
mutt - text-based mailreader supporting MIME, GPG, PGP and threading
Closes: 823295
Changes:
mutt (1.6.1-2) experimental; urgency=medium
.
* Fold mutt-patched into mutt, as the line between the wo has became more
blurry since its introduction. Upstream mutt has merged the sidebar and
the Debian mutt binary package already carries a lot of feature patches.
- Remove the mutt-patched binary from debian/control.
- Add Breaks/Replaces: mutt-patched on the mutt binary package.
- Remove mutt-patched rules from debian/rules.
- Move multiple-fcc (the only remaining patch) under features/.
* Similarly, fold mutt-kz, a binary from a different source package until
now, into mutt. mutt-kz upstream has joined forces with NeoMutt, so this
is now a matter of just passing --enable-notmuch to our ./configure.
* Remove update-alternatives support for /usr/bin/mutt and associated
manpages and docs. This only existed for the benefit of mutt-patched and
mutt-kz and is thus moot now.
* Update neomutt to a newer version, 20160611.
- Enable *all* the neomutt patches now, not just a hand-picked selection.
- Use the single patch, as the broken out patches conflict with each
other.
- Drop the compressed-folders, NNTP and path_max patches, as they are now
part of neomutt.
- Update sensible-browser and multiple-fcc patches to adjusted versions
from the neomutt-upstream.
- Adjust the package's description to mention some of neomutt's features.
* Enable all hardening build flags. (Closes: #823295)
* Remove README.Patches from /usr/share/doc. Including a unified diff in
/usr/share/doc isn't very useful; the source package can always be used
instead.
* Remove mentions of gpg-2comp from gpg.rc and README.Debian and ship the
resulting gpg.rc into /etc/Muttrc.d pristine, with the comments included.
* Switch to tokyocabinet (from qdbm) in hurd-i386 as well, as it is nowadays
available there too.
* Lower Priority to optional (from standard), as this is currently the value
in the archive, as overridden by ftp-masters.
* Remove postinst code that handles migrations from pre-1.5.20-9 versions,
as it's too old (even wheezy shipped with 1.5.21-6.2).
* Remove preinst code that handles an obsolete conffile from pre-1.5.19-2
versions, for the same reasons.
* Remove Conflicts/Replaces mutt-utf8, it was last shipped with version
1.5.5.1-20040105+1, released over 12 years ago.
* Remove statically-linked-binary lintian override for mutt_dotlock, not the
case anymore.
* Remove quilt.mk and manual quilt invocations. Rely on the native 3.0
(quilt) source package format instead for applying debian/patches.
* Use dh_bugfiles instead of manual install invocations.
* Migrate from our own -dbg package to the automatic -dbgsym package.
* Migrate to dh, instead of our hand-crafted old-style debhelper d/rules.
* Migrate to dh-autoreconf instead of autotools-dev.
* Revamp debian/copyright: use copyright-format 1.0 (aka DEP5), update the
list of copyright holders, add a debian/* stanza with all the past
maintainers for the period they were maintainers etc.
* Change Maintainer to the newly created pkg-mutt-maintainers list.
* Add myself to Uploaders.
Checksums-Sha1:
268f2e83f1dfa24790d0bb24ddab1d00cd0ab814 2181 mutt_1.6.1-2.dsc
6aef0c98a704e952f402d7d0bf8102dd3cd84f2a 220012 mutt_1.6.1-2.debian.tar.xz
Checksums-Sha256:
06bc1d196655beb5932b669f383ecb04ac52be1c3e729d38a11945f545b1db45 2181
mutt_1.6.1-2.dsc
e9fa46f51527bd41b901f6e462d6c5e8417e9be915b9e5b0c4f0e820bb4c3a40 220012
mutt_1.6.1-2.debian.tar.xz
Files:
8e4b089b0b708d89697e493b4e574074 2181 mail optional mutt_1.6.1-2.dsc
ed08fecf82d79644397f329445406d75 220012 mail optional
mutt_1.6.1-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXgO45AAoJEJ0LXlse7I8OKFgQAJCYu77bRJjKLtm073DDUi/f
MbkFCbBuu2qDArWwyivtX0q+W3jpk1TXitA+L4/uv1m0cnzLQrCPa8TLl+0M3eFU
597hmk2KE6TQszcSIEDombpT2F8sCiKopzsfFcdN1dGnSEaEWxDwsQt8caoEYcNi
SoMSBq3IAeLgJ0Ua+wxH0/qWcvG1ee7pNzRss/jzzPoVWXLm1ZS4u+a+3P9OCZ9U
KapRzo33s3UTGBUOkO2Li7wmHciW3hhYpeobZer3vJhBurNDit4TfEd6nmuiEuSj
Zpt96A++UF0iG3MIk4uQP0XPKVrmegK4U3im3+kvovZ+42ozG8AGeZyA4f51Bj+K
hI4RlVGzuSphQ7ckBAfE4uMrWcJbGJUfaiYCmZCCv3yZDWt2vR0Y6AlDs2xGsMhs
B3wIrC0iy0bxx41LQMKjjTqOfdI9lTuAoi1ggHVRI+X9jamyBVZzgFhuFDb3rfot
89eC+AT7MJTq28cIHFFE1dRX1IgMD/STNm8JZ+X1wHb8nhiw0lhzR9zQZmUr4PG1
45vyYw9vbGGp/DIkaJMQHwO8fhlJERnSN08v02mGoWMQTcTYuvn0HCAI3UGBadgu
QR7udwbRW4u1YSUp6DCNbbe33SCpFR0w9FciRSsY9wkN9d9GkstMbuxx93Y3foLO
32pcMEFQGrI7Z91Tur1H
=WllN
-----END PGP SIGNATURE-----
--- End Message ---
