Hi Bo, Preamble...
Thanks for taking time to create this package and your contribution to Debian. The below review is for assistance. It is offered to help submitters of packages to Debian mentors improve their packages prior to possible sponsorship into Debian. There is no obligation on behalf of the subitter to make any alterations based upon information provided in the review. Review... 1. Build: Good 2. Lintian: Warnings / Information I: sitecopy source: quilt-patch-missing-description [debian/patches/32_neon-0.31.patch] A description for the patch would probably be beneficial. I: sitecopy: hardening-no-bindnow [usr/bin/sitecopy] N: N: This package provides an ELF binary that lacks the "bindnow" linker flag. N: N: This is needed (together with "relro") to make the "Global Offset Table" N: (GOT) fully read-only. The bindnow feature trades startup time for N: improved security. Please consider enabling this feature or consider N: overriding the tag (possibly with a comment about why). N: N: If you use dpkg-buildflags, you may have to add hardening=+bindnow or N: hardening=+all to DEB_BUILD_MAINT_OPTIONS. N: N: The relevant compiler flags are set in LDFLAGS. N: N: Please refer to https://wiki.debian.org/Hardening for details. N: N: Visibility: info N: Show-Always: no N: Check: binaries/hardening I would be quite tempted to fix this with the addition of the below line near the top of 'debian/rules' even though it is a QA upload. I would ask others opinion though as they may feel it is not within the scope of a QA upload. export DEB_BUILD_MAINT_OPTIONS = hardening=+all 3. Licenses: QA upload - Latitude given :-) 4. Build Twice (sudo pbuilder build --twice <package>.dsc): Good 5. Install (No previous installs): Good 6. Upgrade (Over previous installs if any): Good Regards Phil -- Internet Relay Chat (IRC): kathenas Website: https://kathenas.org Instagram: https://instagram.com/kathenasorg/ Buy Me A Coffee: https://buymeacoffee.com/kathenasorg
signature.asc
Description: This is a digitally signed message part
