Your message dated Sat, 1 Dec 2012 14:47:40 +0100 with message-id <20121201134740.gw5...@radis.cristau.org> and subject line Re: Bug#690082: unblock: siege/2.70-4 has caused the Debian Bug report #690082, regarding unblock: siege/2.70-4 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 690082: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690082 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock Please unblock package siege siege/2.70-4 Fixes: #689965 siege: Enable hardened build flags siege (2.70-4) unstable; urgency=low * Enable hardened build flags using the hardening-wrapper (Closes: #689965) - debian/rules Enable the hardening-wrapper. - debian/control Build-Depend on hardening-wrapper. * debian/control New maintainer address. Thanks to Patrick Matthäi for his sponsorships. Debdiff (against siege/2.70-3 which is in testing) attached. unblock siege/2.70-4 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=es_GT.utf8, LC_CTYPE=es_GT.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dashdiff -Nru siege-2.70/debian/changelog siege-2.70/debian/changelog --- siege-2.70/debian/changelog 2012-04-16 13:02:16.000000000 -0600 +++ siege-2.70/debian/changelog 2012-10-08 13:24:07.000000000 -0600 @@ -1,3 +1,14 @@ +siege (2.70-4) unstable; urgency=low + + * Enable hardened build flags using the hardening-wrapper + (Closes: #689965) + - debian/rules Enable the hardening-wrapper. + - debian/control Build-Depend on hardening-wrapper. + * debian/control New maintainer address. Thanks to Patrick Matthäi for + his sponsorships. + + -- Josue Abarca <jmasli...@debian.org> Sat, 06 Oct 2012 10:47:10 -0600 + siege (2.70-3) unstable; urgency=low * setup.h.diff patch added in order to improve the definition of diff -Nru siege-2.70/debian/control siege-2.70/debian/control --- siege-2.70/debian/control 2012-04-16 13:02:16.000000000 -0600 +++ siege-2.70/debian/control 2012-10-08 13:24:07.000000000 -0600 @@ -1,9 +1,9 @@ Source: siege Section: web Priority: optional -Maintainer: Josue Abarca <jmasli...@debian.org.gt> +Maintainer: Josue Abarca <jmasli...@debian.org> Build-Depends: debhelper (>= 7.0.50~), libssl-dev (>= 0.9.8), automake1.9, - autotools-dev (>= 20100122.1) + autotools-dev (>= 20100122.1), hardening-wrapper Standards-Version: 3.9.3 Vcs-Git: git://anonscm.debian.org/collab-maint/siege.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/siege.git diff -Nru siege-2.70/debian/patches/format_strings.diff siege-2.70/debian/patches/format_strings.diff --- siege-2.70/debian/patches/format_strings.diff 1969-12-31 18:00:00.000000000 -0600 +++ siege-2.70/debian/patches/format_strings.diff 2012-10-08 13:24:07.000000000 -0600 @@ -0,0 +1,18 @@ +Description: This patch adds string literals + to format strings in the snprintf function. This is required by + -Werror=format-security to avoid format string attacks. This pacth + was backported from siege beta in order to be able to use security + hardening build flags. +Origin: upstream, http://www.joedog.org/pub/siege/beta/siege-beta.tar.gz +Last-Update: 2012-10-07 +--- a/src/init.c ++++ b/src/init.c +@@ -48,7 +48,7 @@ + * use default of ~/.siegerc */ + if(strcmp(my.rc, "") == 0){ + if((e = getenv("SIEGERC")) != NULL){ +- snprintf(my.rc, sizeof(my.rc), e); ++ snprintf(my.rc, sizeof(my.rc), "%s", e); + } else { + snprintf(my.rc, sizeof(my.rc), "%s/.siegerc", getenv("HOME")); + if (stat(my.rc, &buf) < 0 && errno == ENOENT) { diff -Nru siege-2.70/debian/patches/series siege-2.70/debian/patches/series --- siege-2.70/debian/patches/series 2012-04-16 13:02:16.000000000 -0600 +++ siege-2.70/debian/patches/series 2012-10-08 13:24:07.000000000 -0600 @@ -6,3 +6,4 @@ set_verbose_to_false.diff update_doc_about_log_file.diff setup.h.diff +format_strings.diff diff -Nru siege-2.70/debian/rules siege-2.70/debian/rules --- siege-2.70/debian/rules 2012-04-16 13:02:16.000000000 -0600 +++ siege-2.70/debian/rules 2012-10-08 13:24:07.000000000 -0600 @@ -4,6 +4,9 @@ # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 +# Enable the hardening-wrapper +export DEB_BUILD_HARDENING=1 + %: dh --with autotools_dev $@
--- End Message ---
--- Begin Message ---On Tue, Oct 9, 2012 at 13:22:29 -0600, Josue Abarca wrote: > Package: release.debian.org > Severity: normal > User: release.debian....@packages.debian.org > Usertags: unblock > > Please unblock package siege > > siege/2.70-4 Fixes: > > #689965 siege: Enable hardened build flags > > siege (2.70-4) unstable; urgency=low > > * Enable hardened build flags using the hardening-wrapper > (Closes: #689965) > - debian/rules Enable the hardening-wrapper. > - debian/control Build-Depend on hardening-wrapper. > * debian/control New maintainer address. Thanks to Patrick Matthäi for > his sponsorships. > > Debdiff (against siege/2.70-3 which is in testing) attached. > The hardening can wait for jessie IMO. Closing, sorry. Cheers, Juliensignature.asc
Description: Digital signature
--- End Message ---