On Tue, 23 Aug 2016 00:25:30 +0200 Balint Reczey <bal...@balintreczey.hu> wrote: > Package: gcc-6 > Version: 6.1.1-12 > Severity: wishlist > Tags: patch > > Dear Matthias, > > As a continuation of the discussions [1][2] on debian-devel I'm > attaching the simple patch that implements enabling the PIE > hardening flags for a subset of the architectures. > > I'm open to changing the subset, it matches the set selected in Ubuntu > as a start, but porters may have different preferences [2]. > > I'm continuing with a full archive rebuild to see the amount of packages > to be updated for the change in the default flags. > > The same patch applies to gcc-5, too, if it does not get removed > from the archive before the patch is accepted for gcc-6. > > Cheers, > Balint > > [1] https://lists.debian.org/debian-devel/2016/05/msg00228.html > [2] https://lists.debian.org/debian-devel/2016/08/msg00324.html >
Hi, As per [1], please enable PIE by default on the following architectures: * amd64 * arm64 * armel * armhf * i386 * mips * mips64el * mipsel * ppc64el * s390x All of these architectures (except amd64+i386 with porter waivers) had at least 2 porters supporting PIE. Thanks, ~Niels [1] https://lists.debian.org/<2c67a60f-2bbb-2f4e-2ad3-cd9978fb5...@thykier.net>
