On 09/16/2015 10:24 AM, Alexander Todorov wrote:
Including fedora-devel on this topic.
На 12.09.2015 в 08:48, Dominik 'Rathann' Mierzejewski написа:
>>>
>>> Question is how to deal with these because they appear to be in the
>>> hundreds ?
>>
>> How many, exactly? We have around 20000 SRPMs in the distribution.
>
From today's Rawhide snapshot my script counted around 4500 offending
packages. You can find links to the script and execution log here:
http://atodorov.org/blog/2015/09/16/4000-bugs-in-fedora-checksec-failures/
Please let me know which packages need to genuinely be excluded and what
should we do with these packages ? Some will probably be fixed once they are
rebuilt but that may take a while.
Any package maintainers out there - please fix your packages in Rawhide so we
don't have to file bugs for all of them.
I think we may have an issue with libtool throwing away the
'-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1' option:
/bin/sh ../libtool --tag=CC --mode=link gcc -ansi -pedantic -Wall -W
-Wundef -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-qual -Wcast-align
-Wwrite-strings -Wconversion -Waggregate-return -Wstrict-prototypes
-Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wnested-externs
-Winline -O -fomit-frame-pointer -finline-functions -O2 -g -pipe -Wall
-Werror=format-s
ecurity -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
--param=ssp-buffer-size=4 -grecord-gcc-switches
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic
-version-info 10:1 :0 -Wl,-z,relro
-specs=/usr/lib/rpm/redhat/redhat-hardened-ld -o libhdf5.la -rpath /usr/lib64
H5.lo.... H5Ztrans.lo -lz -ldl -lm
libtool: link: gcc -shared -fPIC -DPIC .libs/H5.o ... .libs/H5Ztrans.o -lz
-ldl -lm -O -O2 -g -fstack-protector-strong -grecord-gcc-switches -m64
-mtune=generic -Wl,-z -Wl,relro -Wl,-soname -Wl,libhdf5.so.10 -o
.libs/libhdf5.so.10.0.1
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301
http://www.nwra.com