Bug#657853: Please enable hardened build flags
Dominic Hargreaves
dom at earth.li
Sun Feb 5 22:28:55 UTC 2012
On Sun, Feb 05, 2012 at 08:44:15PM +0200, Niko Tyni wrote:
> On Sun, Jan 29, 2012 at 02:02:31PM +0100, Moritz Muehlenhoff wrote:
> > Package: perl
> > Version: 5.14.2-6
> > Severity: important
> >
> > Please enable hardened build flags through dpkg-buildflags.
>
> While perl builds fine on amd64 with the attached patch, I'm slightly
> uneasy about pushing it to unstable without wider testing.
Have you verified the output from hardening-flags before and after,
both of perl and of a sample XS module (I used libimager-perl as a test).
> Possibly we should do an experimental upload first to verify that it builds
> on all architectures, and then do a test rebuild of (say) lib*-perl to catch
> any obvious regressions. Dominic, thoughts?
Probably not a bad idea. We'll need to binnmu all XS modules to pick
up the hardening flags anyway, so it'd be as well to make sure that
we've test-rebuilt those if not Arch: all packages.
I see that you fixed the problem that I identified in [1] with cppflags
not getting set by including them in ccflags.
[1] <http://lists.alioth.debian.org/pipermail/perl-maintainers/2012-January/002886.html>
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
More information about the Perl-maintainers
mailing list