Package: dropbear
Severity: important
Tags: patch
Hi,
please enable hardened build flags, patch attached.
Cheers,
Moritz
diff -aur dropbear-2012.55.orig/debian/rules dropbear-2012.55/debian/rules
--- dropbear-2012.55.orig/debian/rules 2014-01-04 13:29:07.000000000 +0100
+++ dropbear-2012.55/debian/rules 2014-01-04 13:31:50.502998585 +0100
@@ -9,12 +9,7 @@
STRIP =: nostrip
endif
-CFLAGS =-Wall -g
-ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
- CFLAGS +=-O0
-else
- CFLAGS +=-O2
-endif
+export DEB_CFLAGS_MAINT_APPEND = -Wall -DSFTPSERVER_PATH="\"/usr/lib/sftp-server\""
CONFFLAGS =
CC =gcc
@@ -34,10 +29,9 @@
config.status: patch-stamp configure
CC='$(CC)' \
- CFLAGS='$(CFLAGS) -DSFTPSERVER_PATH="\"/usr/lib/sftp-server\""' \
./configure --host='$(DEB_HOST_GNU_TYPE)' \
--build='$(DEB_BUILD_GNU_TYPE)' --prefix=/usr \
- --enable-bundled-libtom \
+ --enable-bundled-libtom $(shell dpkg-buildflags --export=configure) \
--mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info \
$(CONFFLAGS)
Nur in dropbear-2012.55/debian: rules~.
