Bug#613763: totem: enable security hardening in build via hardening-wrapper

Kees Cook kees at debian.org
Thu Feb 17 01:15:58 UTC 2011


Package: totem
Version: 2.30.2-2
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/{control{,.in},rules}: enable PIE build for security hardening.

Since totem deals with media files, it should be hardened against potential
malicious attacks. This patch enables the hardening features in the toolchain.

Thanks for considering the patch.

-Kees


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty
  APT policy: (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-3-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

totem-gstreamer depends on no packages.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmpoewhpR
Type: text/x-diff
Size: 1207 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20110216/5962b03d/attachment.diff>


More information about the pkg-gnome-maintainers mailing list