Dear Christian, Thanks for your review!
On Tue, Jul 19, 2016 at 12:21 AM, Christian Seiler <christ...@iwakd.de> wrote: > I'm not a DD, so I can't sponsor, but: > > On 07/18/2016 04:53 PM, Roger Shimizu wrote: >> * debian/rules: >> - Add param "--disable-ssp" to dh_auto_configure command. >> Thanks to Aaron M. Ucko and Boyuan Yang. (Closes: #829498) > > Please don't disable the SSP unconditionally, because it's a useful > defense-in-depth strategy. Especially since you are packaging a > network service, I would really recommend not doing that. My bad on wording of changelog. Actually it means turn off the broken hardening by upstream, and only use hardening by Debian (from dpkg-buildflags) So this change won't lower the security check. >> - Cherry-Pick two patch from upstream as 0004 and 0005 > > Generally you should describe in the changelog what these patches > do. I would hence suggest an entry like: > > - Cherry-pick the following upstream patches: > * Fix typo in argument passed to manager command. > * Use SO_REUSEADDR for remote socket Indeed. This makes more clear. I'll update the changelog entry on next release. Thank you! Cheers, -- Roger Shimizu, GMT +9 Tokyo PGP/GPG: 4096R/6C6ACD6417B3ACB1
