On Friday, May 13 2022, Shengjing Zhu wrote: > On Sat, May 14, 2022 at 2:15 AM Sergio Durigan Junior > <[email protected]> wrote: >> >> On Friday, May 13 2022, I wrote: >> >> > golang-1.18 fails to link a PIE binary on ppc64le. Because one of the >> > implications of using hardened=+all is that PIE is enabled, this can >> > negatively our packages. >> > >> > I've filed this bug for golang-1.18 in Ubuntu and fixed it there, so >> > I'll be working on backporting the patch to Debian as well. >> >> For completeness sake, here are some links related to this bug: >> >> https://github.com/golang/go/issues/52337 >> >> https://github.com/golang/go/commit/caa46312eeca1275ce22ecf8985ca31ef8de7883 >> >> https://bugs.launchpad.net/ubuntu/+source/golang-1.18/+bug/1973107 >> > > FTR, I think Debian is not default to hardened=+all. So we haven't > noticed such problems while many packages have been built after > golang-1.18 became default.
Thanks Shengjing. Yeah, Debian doesn't default to hardened=+all. I guess the severity of this bug could be dropped, but I still think it's a good fix to have. I'm already working on updating golang to 1.18.2, so might as well address this one. Cheers, -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible https://sergiodj.net/

