Package: libpcap0.8
Version: 1.2.1-2
Severity: normal

I looked at the libpcap build logs after the "hardening-check" tool from hardening-includes showed that Fortify Source (-D_FORTIFY_SOURCE=2) isn't in use in this library. Is it intentional?

make[1]: Entering directory `/build/buildd-libpcap_1.2.1-2-i386-uqZbDK/libpcap-1.2.1'
gcc -O2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -I. -DHAVE_CONFIG_H -D_U_="__attribute__((unused))" -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -c -o pcap-linux.o ./pcap-linux.c
gcc -O2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -I. -DHAVE_CONFIG_H -D_U_="__attribute__((unused))" -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -c -o pcap-usb-linux.o ./pcap-usb-linux.c

Looks like the -O2 option is present three times and other options two times. Could -D_FORTIFY_SOURCE=2 be added to the flags too?

http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
http://wiki.debian.org/Hardening
http://wiki.debian.org/HardeningWalkthrough
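
The by-eye check of the build log in the report above, as an added example (not part of the original report and not Debian's own tooling): a Python sketch that scans compile lines for the hardening flags the report names and counts repeated flags. The sample log is constructed from one of the quoted gcc lines with a shortened directory path; the function names and the REQUIRED list are assumptions made for illustration.

```python
import shlex
from collections import Counter

# Constructed sample: one gcc line from the report (line wrap removed) plus make noise.
SAMPLE_LOG = """\
make[1]: Entering directory `/build/libpcap-1.2.1'
gcc -O2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -I. -DHAVE_CONFIG_H -D_U_="__attribute__((unused))" -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -c -o pcap-linux.o ./pcap-linux.c
"""

# Flag prefixes expected on every compile line (the ones discussed in the report).
REQUIRED = ("-D_FORTIFY_SOURCE=", "-fstack-protector", "-Wformat",
            "-Werror=format-security")
COMPILERS = {"gcc", "cc", "g++", "c++"}


def audit_line(line):
    """Return findings for a compile command, or None for any other log line."""
    try:
        argv = shlex.split(line)
    except ValueError:  # make's `dir' quoting leaves an unbalanced quote
        return None
    if not argv or argv[0] not in COMPILERS or "-c" not in argv:
        return None
    flags = [a for a in argv[1:] if a.startswith("-")]
    opt = [f for f in flags if f.startswith("-O")]
    return {
        "source": argv[-1],  # assumes the source file is the last argument
        "missing": [r for r in REQUIRED
                    if not any(f.startswith(r) for f in flags)],
        "duplicated": {f: n for f, n in Counter(flags).items() if n > 1},
        # glibc only enables _FORTIFY_SOURCE checks when optimisation is on;
        # the last -O option on the command line is the one gcc applies.
        "optimised": bool(opt) and opt[-1] != "-O0",
    }


def audit_log(text):
    """Audit every compile line in a build log."""
    return [r for r in map(audit_line, text.splitlines()) if r is not None]


if __name__ == "__main__":
    for r in audit_log(SAMPLE_LOG):
        print(r["source"], "missing:", r["missing"] or "none",
              "duplicated:", r["duplicated"])
```

dpkg-buildflags emits -D_FORTIFY_SOURCE=2 through CPPFLAGS rather than CFLAGS, so a compile line that carries the CFLAGS hardening options but not this define is consistent with CPPFLAGS not reaching the compile command.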