[Bug 1980095] Re: libnfsidmap built without hardening flags
Andreas Hasenack
1980095 at bugs.launchpad.net
Wed Aug 3 17:12:10 UTC 2022
** Description changed:
- $ grep hardening ../lintian.log
+ [Impact]
+
+ * An explanation of the effects of the bug on users and
+
+ * justification for backporting the fix to the stable release.
+
+ * In addition, it is helpful, but not required, to include an
+ explanation of how the upload fixes this bug.
+
+ [Test Plan]
+
+ * detailed instructions how to reproduce the bug
+
+ * these should allow someone who is not familiar with the affected
+ package to reproduce the bug and verify that the updated package fixes
+ the problem.
+
+ * if other testing is appropriate to perform before landing this update,
+ this should also be described here.
+
+ [Where problems could occur]
+
+ * Think about what the upload changes in the software. Imagine the change is
+ wrong or breaks something else: how would this show up?
+
+ * It is assumed that any SRU candidate patch is well-tested before
+ upload and has a low overall risk of regression, but it's important
+ to make the effort to think about what ''could'' happen in the
+ event of a regression.
+
+ * This must '''never''' be "None" or "Low", or entirely an argument as to why
+ your upload is low risk.
+
+ * This both shows the SRU team that the risks have been considered,
+ and provides guidance to testers in regression-testing the SRU.
+
+ [Other Info]
+
+ * Anything else you think is useful to include
+ * Anticipate questions from users, SRU, +1 maintenance, security teams and the Technical Board
+ * and address these questions in advance
+
+
+ [Original Description]
+
+ $ grep hardening ../lintian.log
I: libnfsidmap-regex: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/regex.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap.so.1.0.0]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/nsswitch.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/static.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/umich_ldap.so]
I: libnfsidmap-regex: hardening-no-fortify-functions [usr/lib/x86_64-linux-gnu/libnfsidmap/regex.so]
It was there before when we had src:libnfsidmap:
https://git.launchpad.net/ubuntu/+source/libnfsidmap/tree/debian/rules#n10
But we lost it when src:nfs-utils incorporated the libnfsidmap code.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to nfs-utils in Ubuntu.
https://bugs.launchpad.net/bugs/1980095
Title:
libnfsidmap built without hardening flags
Status in nfs-utils package in Ubuntu:
Fix Released
Bug description:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test Plan]
* detailed instructions how to reproduce the bug
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
* if other testing is appropriate to perform before landing this update,
this should also be described here.
[Where problems could occur]
* Think about what the upload changes in the software. Imagine the change is
wrong or breaks something else: how would this show up?
* It is assumed that any SRU candidate patch is well-tested before
upload and has a low overall risk of regression, but it's important
to make the effort to think about what ''could'' happen in the
event of a regression.
* This must '''never''' be "None" or "Low", or entirely an argument as to why
your upload is low risk.
* This both shows the SRU team that the risks have been considered,
and provides guidance to testers in regression-testing the SRU.
[Other Info]
* Anything else you think is useful to include
* Anticipate questions from users, SRU, +1 maintenance, security teams and the Technical Board
* and address these questions in advance
[Original Description]
$ grep hardening ../lintian.log
I: libnfsidmap-regex: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/regex.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap.so.1.0.0]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/nsswitch.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/static.so]
I: libnfsidmap1: hardening-no-bindnow [usr/lib/x86_64-linux-gnu/libnfsidmap/umich_ldap.so]
I: libnfsidmap-regex: hardening-no-fortify-functions [usr/lib/x86_64-linux-gnu/libnfsidmap/regex.so]
It was there before when we had src:libnfsidmap:
https://git.launchpad.net/ubuntu/+source/libnfsidmap/tree/debian/rules#n10
But we lost it when src:nfs-utils incorporated the libnfsidmap code.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1980095/+subscriptions
More information about the foundations-bugs
mailing list