Bug#655880: Please enabled hardened build flags
Ron
ron at debian.org
Sat Apr 7 02:57:05 UTC 2012
Hi Moritz,
On Fri, Apr 06, 2012 at 06:35:26PM +0200, Moritz Mühlenhoff wrote:
> On Sat, Jan 14, 2012 at 03:21:47PM +0100, Moritz Muehlenhoff wrote:
> > Package: speex
> > Version: 1.2~rc1-3
> > Severity: important
> > Tags: patch
> >
> > Please enabled hardened build flags through dpkg-buildflags.
>
> What's the status? Do you plan an upload in the next weeks or
> shall I upload a NMU?
There was an open question of whether we were actually going to do a new
upstream release, and whether there was going to be some new optimisation
code for ARM to include with it, so I was kind of waiting to see what
evolved from that first - but that talk seems to have somewhat gone off
the boil again for the present (and it's not a blocker for this either
way, aside from batching work together).
Is there some particular urgency to this that I should be aware of?
Speex isn't exactly a hotbed of security problems, there have been, like,
precisely none that have come to light since 2008 or so when this version
was uploaded - so while I haven't forgotten this, it hasn't quite seemed
like something that couldn't wait until there were other reasons for an
upload either. At least for a while.
I'd rather do it myself, since that will be easier than merging an NMU,
so if you have some reason it should be bumped up the priority queue,
then indeed, I'd like to know about that.
Thanks for the patch though - and sorry for not saying thanks for that
sooner than now :)
Best,
Ron
More information about the Pkg-voip-maintainers
mailing list