[Bug 2049686] Re: dpkg-buildflags: emit build flags for negated features
Matthias Klose
2049686 at bugs.launchpad.net
Fri Jan 19 10:48:35 UTC 2024
my understanding is, based on our discussions at the sprint in November,
that the security team is responsible for preparing and handling
additions of these hardening flags. At least that is what I understood.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to dpkg in Ubuntu.
https://bugs.launchpad.net/bugs/2049686
Title:
dpkg-buildflags: emit build flags for negated features
Status in dpkg package in Ubuntu:
Confirmed
Bug description:
we have in a package:
export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-fortify
however that doesn't turn off fortify. We have these unfortunate
defaults in the compiler, so we have to emit explicit compiler flags
to disable these.
not just for that feature, but for any feature that is turned on by
default in GCC.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/2049686/+subscriptions
More information about the foundations-bugs
mailing list