severity 667930 normal forwarded 667930 http://www.epmhome.org/str.php?L38+P0+S-2+C0+I0+E0+M10+Q thanks
I've forwarded part of the patch upstream, as indicated above; it's the part where CPPFLAGS is not respected. I'm not particularly interested in the patch to doc/Makefile.in, since the resulting binary is a build artifact and not shipped in the final package. I'm also not inclined to enable more hardening flags without testing their impact on setup, which is intended to be bundled with a built application to provide a Windows-style install GUI that runs on all Linux distributions. When my testing is done, I'll decide whether the bindnow feature is appropriate to enable. (Yes, I'm aware that I could be in a pickle if PIE causes portability problems; I'll cross that bridge when I come to it.) I'm setting the severity to "normal" because epm doesn't look to be in the first line of important packages to harden; it hasn't had a DSA recently, is not priority "important", is not a daemon, and is not an interpreter. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
