Bug#663618: libmusicbrainz-2.1: CPPFLAGS hardening flags missing

2012-03-12 Thread Simon Ruderich
Package: libmusicbrainz-2.1
Version: 2.1.5-6.2
Severity: important
Tags: patch

Dear Maintainer,

The CPPFLAGS hardening flags are missing because they are not set
in debian/rules.

The following patch fixes the issue.

diff -Nru libmusicbrainz-2.1-2.1.5/debian/rules 
libmusicbrainz-2.1-2.1.5/debian/rules
--- libmusicbrainz-2.1-2.1.5/debian/rules   2011-12-17 
13:40:15.0 +0100
+++ libmusicbrainz-2.1-2.1.5/debian/rules   2012-03-12 
18:34:07.0 +0100
@@ -35,7 +35,7 @@
dh_testdir
ln -sf /usr/share/misc/config.sub   config.sub
ln -sf /usr/share/misc/config.guess config.guess
-   ./configure $(confflags) LDFLAGS="$(LDFLAGS)" CFLAGS="$(CFLAGS)" 
CXXFLAGS="$(CFLAGS)" \
+   ./configure $(confflags) LDFLAGS="$(LDFLAGS)" CFLAGS="$(CFLAGS)" 
CXXFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" \
  --prefix=/usr
touch $@
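Review bot: CPPFLAGS="$(CPPFLAGS)" on the ./configure line only has an effect if debian/rules gives CPPFLAGS a value, and nothing in this hunk does. If the file does not already assign it (for example from dpkg-buildflags --get CPPFLAGS), the argument expands to an empty string and the preprocessor hardening flags still never reach the compiler, so add the assignment in the same patch. The unchanged CXXFLAGS="$(CFLAGS)" on that line also hands the C flags to the C++ compiler; passing a separately queried CXXFLAGS would be cleaner.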

To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (hardening-check doesn't catch everything):

$ hardening-check /usr/lib/libmusicbrainz.so.4.0.3
/usr/lib/libmusicbrainz.so.4.0.3:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!

(Position Independent Executable and Immediate binding are not
enabled by default.)

Use `find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} +`
on the build result to check all files.

Regards,
Simon

[1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
[2]: https://wiki.debian.org/HardeningWalkthrough
[3]: https://wiki.debian.org/Hardening

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


Bug#663625: zgv: Hardening flags missing

2012-03-12 Thread Simon Ruderich
Package: zgv
Version: 5.9-4
Severity: important
Tags: patch

Dear Maintainer,

The hardening flags are missing because the build system ignores
them. For more hardening information please have a look at [1],
[2] and [3].

The attached patch fixes the issue. If possible it should be sent
upstream.

To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (hardening-check doesn't catch everything):

$ hardening-check /usr/bin/zgv
/usr/bin/zgv:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!

(Position Independent Executable and Immediate binding are not
enabled by default.)

Use `find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} +`
on the build result to check all files.

Regards,
Simon

[1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
[2]: https://wiki.debian.org/HardeningWalkthrough
[3]: https://wiki.debian.org/Hardening

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -u zgv-5.9/config.mk zgv-5.9/config.mk
--- zgv-5.9/config.mk
+++ zgv-5.9/config.mk
@@ -8,7 +8,7 @@
 # This is likely to be what you'll want for most systems:
 #
 CC=gcc
-CFLAGS=$(shell dpkg-buildflags --get CFLAGS) -O2 -Wall -fomit-frame-pointer -finline-functions
+CFLAGS+=-O2 -Wall -fomit-frame-pointer -finline-functions
 #
 # If you're brave enough to try compiling zgv on a non-x86 system :-),
 # this might be a better bet:
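Review bot: CFLAGS+= in config.mk only picks up the hardening flags when CFLAGS arrives through the environment. A CFLAGS=... given on the make command line overrides the whole assignment, and a build run outside debian/rules gets no hardening flags at all, so a comment here naming the export in debian/rules as the source would help. The -O2 that follows also comes after the imported flags and therefore wins over any optimization level they carry (for example -O0 from a noopt build).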
diff -u zgv-5.9/src/Makefile zgv-5.9/src/Makefile
--- zgv-5.9/src/Makefile
+++ zgv-5.9/src/Makefile
@@ -47,13 +47,13 @@
 	modesel.o readpcd.o readtiff.o readprf.o zgv_io.o
 
 zgv: $(ZGV_OBJS)
-	$(CC) $(CFLAGS) -o zgv $(ZGV_OBJS) $(ZGV_LIBS)
+	$(CC) $(LDFLAGS) -o zgv $(ZGV_OBJS) $(ZGV_LIBS)
 
 bdf2h: bdf2h.o
-	$(CC) $(CFLAGS) -o bdf2h bdf2h.o
+	$(CC) $(LDFLAGS) -o bdf2h bdf2h.o
 
 install-info: install-info.c
-	$(CC) $(INFODIRDEF) -o install-info install-info.c
+	$(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $(INFODIRDEF) -o install-info install-info.c
 
 # explicitly removes /usr/bin/{zgv,zgv-sdl} in case of old
 # installation. Not nice to put this in the install target,
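Review bot: the zgv and bdf2h link rules swap $(CFLAGS) for $(LDFLAGS) instead of adding to it. Compiler-driver options that also have to be present at link time (-fPIE together with -pie, for instance) would then be missing from the link step. Using $(CC) $(CFLAGS) $(LDFLAGS) -o zgv ... keeps both, which is what the install-info rule in this same hunk already does.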
diff -u zgv-5.9/debian/rules zgv-5.9/debian/rules
--- zgv-5.9/debian/rules
+++ zgv-5.9/debian/rules
@@ -7,7 +7,10 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+CFLAGS  := $(shell dpkg-buildflags --get CFLAGS)
+CPPFLAGS:= $(shell dpkg-buildflags --get CPPFLAGS)
 LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS)
+export CFLAGS CPPFLAGS LDFLAGS
 
 build: build-stamp
 build-stamp:
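Review bot: the three $(shell dpkg-buildflags --get ...) assignments plus the export line can be replaced by setting DPKG_EXPORT_BUILDFLAGS = 1 and including /usr/share/dpkg/buildflags.mk, which also covers CXXFLAGS and any flag variable added later. If the explicit form stays, write "CPPFLAGS :=" with the same spacing as the neighbouring assignments.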


Bug#653511: Please enable hardened build flags

2012-03-14 Thread Simon Ruderich
Package: bochs
Version: 2.4.6-5
Followup-For: Bug #653511

reopen 653511
thanks

Dear Maintainer,

The hardening flags are partially missing because the build
system ignores them; CPPFLAGS are not used at all.

The attached patch fixes the issue.

To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (hardening-check doesn't catch everything):

$ hardening-check /usr/bin/bxcommit /usr/bin/bximage /usr/bin/bochs-bin ...
/usr/bin/bxcommit:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/bin/bximage:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/bin/bochs-bin:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!
...

(Position Independent Executable and Immediate binding are not
enabled by default.)

Use `find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} +`
on the build result to check all files.

Regards,
Simon

[1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
[2]: https://wiki.debian.org/HardeningWalkthrough
[3]: https://wiki.debian.org/Hardening
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
Description: Use flags from environment (dpkg-buildflags).
 Necessary for hardening flags.
Author: Simon Ruderich 
Last-Update: 2012-03-15

Index: bochs-2.4.6/host/linux/pcidev/Makefile.in
===
--- bochs-2.4.6.orig/host/linux/pcidev/Makefile.in	2012-03-15 01:09:22.0 +0100
+++ bochs-2.4.6/host/linux/pcidev/Makefile.in	2012-03-15 01:22:10.284732558 +0100
@@ -17,7 +17,7 @@
 
 PCIDEV_MODULE_MAKE_ALL = @PCIDEV_MODULE_MAKE_ALL@
 
-CFLAGS = -Wstrict-prototypes -Wno-trigraphs -g -fno-strict-aliasing -fno-common -D__KERNEL__ -DMODULE -I$(KERNELDIR)/include -O -Wall
+CFLAGS = @CFLAGS@ -Wstrict-prototypes -Wno-trigraphs -g -fno-strict-aliasing -fno-common -D__KERNEL__ -DMODULE -I$(KERNELDIR)/include -O -Wall
 
 
 .PHONY : all
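Review bot: @CFLAGS@ is being added to the flags of a kernel module build (the same line carries -D__KERNEL__ -DMODULE). The dpkg-buildflags values are chosen for userspace programs, so confirm that the module still compiles and loads with them, or leave this Makefile.in out of the patch. The existing -O later on the line also overrides whatever optimization level @CFLAGS@ brings in.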
Index: bochs-2.4.6/gui/Makefile.in
===
--- bochs-2.4.6.orig/gui/Makefile.in	2012-03-15 01:09:22.0 +0100
+++ bochs-2.4.6/gui/Makefile.in	2012-03-15 01:09:22.0 +0100
@@ -109,44 +109,44 @@
 	$(LIBTOOL) --mode=compile --tag CXX $(CXX) -c $(CXXFLAGS) $(LOCAL_CXXFLAGS) $< -o $@
 
 libbx_%.la: %.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH)
 
 libbx_x.la: x.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_X)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_X)
 
 libbx_sdl.la: sdl.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_SDL)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_SDL)
 
 libbx_svga.la: svga.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_SVGA)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_SVGA)
 
 libbx_beos.la: beos.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_BEOS)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_BEOS)
 
 libbx_rfb.la: rfb.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_RFB)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_RFB)
 
 libbx_amigaos.la: amigaos.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_AMIGAOS)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_AMIGAOS)
 
 libbx_win32.la: win32.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_WIN32)
+	$(LIBTOOL) --mode=link --tag CXX $(CXX) $(LDFLAGS) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_WIN32)
 
 libbx_macos.la: macos.lo
-	$(LIBTOOL) --mode=link --tag CXX $(CXX) -module $< -o $@ -rpath $(PLUGIN_PATH) $(GUI_LINK_OPTS_MACOS)
+	$(LIBTOOL) --mode=link --tag 
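Review bot: every plugin link rule gets the same $(LDFLAGS) insertion, but the hunk does not show gui/Makefile.in defining LDFLAGS. Unless there is an LDFLAGS = @LDFLAGS@ line elsewhere in the file, the value given to configure is lost and the rules depend on LDFLAGS being in make's environment. The compile rule at the top of the hunk passes $(CXXFLAGS) $(LOCAL_CXXFLAGS) without $(CPPFLAGS), which matches the report's remark that CPPFLAGS are not used at all; make sure another hunk covers it.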

Bug#657537: Please enable hardened build flags

2012-04-08 Thread Simon Ruderich
reopen #657537
thanks

Dear Maintainer,

The hardening flags are missing in a few places because the build
system ignores them.

The attached patch fixes the issue. If possible it should be sent
upstream.

To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (hardening-check doesn't catch everything):

$ hardening-check /usr/sbin/ircd-hybrid 
/usr/lib/ircd-hybrid/modules/autoload/m_accept.so 
/usr/lib/ircd-hybrid/modules/autoload/m_admin.so 
/usr/lib/ircd-hybrid/modules/autoload/m_away.so ...
/usr/sbin/ircd-hybrid:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/lib/ircd-hybrid/modules/autoload/m_accept.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: yes
 Fortify Source functions: unknown, no protectable libc functions used
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/lib/ircd-hybrid/modules/autoload/m_admin.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: no, not found!
 Fortify Source functions: unknown, no protectable libc functions used
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/lib/ircd-hybrid/modules/autoload/m_away.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: no, not found!
 Fortify Source functions: no, only unprotected functions found!
 Read-only relocations: yes
 Immediate binding: no not found!
...

(Position Independent Executable and Immediate binding are not
enabled by default.)

Use `find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} +`
on the build result to check all files.

Regards,
Simon

[1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
[2]: https://wiki.debian.org/HardeningWalkthrough
[3]: https://wiki.debian.org/Hardening
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
#! /bin/sh /usr/share/dpatch/dpatch-run
## Use build flags from environment (dpkg-buildflags).
## Necessary for hardening flags.
##
## All lines beginning with `## DP:' are a description of the patch.

@DPATCH@
Index: ircd-hybrid-7.2.2.dfsg.2/tools/Makefile.in
===
--- ircd-hybrid-7.2.2.dfsg.2.orig/tools/Makefile.in 2012-04-08 
17:15:14.509825884 +0200
+++ ircd-hybrid-7.2.2.dfsg.2/tools/Makefile.in  2012-04-08 17:16:40.729826262 
+0200
@@ -31,10 +31,10 @@
 
 # We must link these two against special libs
 encspeed: ../include/setup.h encspeed.c
-   $(CC) $(CFLAGS) $(INCLUDES) $(LDFLAGS) encspeed.c -o encspeed 
$(SSL_LIBS)
+   $(CC) $(CPPFLAGS) $(CFLAGS) $(INCLUDES) $(LDFLAGS) encspeed.c -o 
encspeed $(SSL_LIBS)
 
 mkpasswd: ../include/setup.h mkpasswd.c
-   $(CC) $(CFLAGS) $(INCLUDES) $(LDFLAGS) mkpasswd.c -o mkpasswd 
$(CRYPT_LIB)
+   $(CC) $(CPPFLAGS) $(CFLAGS) $(INCLUDES) $(LDFLAGS) mkpasswd.c -o 
mkpasswd $(CRYPT_LIB)
 
 # Default rule for everything
 
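Review bot: encspeed and mkpasswd now reference $(CPPFLAGS), but this hunk does not show tools/Makefile.in assigning it. The contrib and modules hunks add LDFLAGS= @LDFLAGS@ for exactly that reason; if this file has no CPPFLAGS = @CPPFLAGS@ line, add one so that the value given to configure is the one used.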
Index: ircd-hybrid-7.2.2.dfsg.2/contrib/Makefile.in
===
--- ircd-hybrid-7.2.2.dfsg.2.orig/contrib/Makefile.in   2012-04-08 
17:16:40.673826262 +0200
+++ ircd-hybrid-7.2.2.dfsg.2/contrib/Makefile.in2012-04-08 
17:16:58.965826342 +0200
@@ -13,6 +13,7 @@
 LD = @LD@
 LN = @LN@
 PICFLAGS   = @PICFLAGS@
+LDFLAGS= @LDFLAGS@
 MKDEP  = @MKDEP@
 INSTALL= @INSTALL@
 INSTALL_DATA   = @INSTALL_DATA@
@@ -115,7 +116,7 @@
 .SUFFIXES: .so .sl .o
 
 .c.so:
-   ${CC} ${PICFLAGS} ${CPPFLAGS} ${CFLAGS} $< -o $@
+   ${CC} ${PICFLAGS} ${CPPFLAGS} ${CFLAGS} ${LDFLAGS} $< -o $@
 
 .c.o:
${CC} ${CPPFLAGS} ${CFLAGS} -c $< -o $@
Index: ircd-hybrid-7.2.2.dfsg.2/modules/Makefile.in
===
--- ircd-hybrid-7.2.2.dfsg.2.orig/modules/Makefile.in   2012-04-08 
17:16:40.673826262 +0200
+++ ircd-hybrid-7.2.2.dfsg.2/modules/Makefile.in2012-04-08 
17:16:40.729826262 +0200
@@ -10,6 +10,7 @@
 SEDOBJ = @SEDOBJ@
 STDOUT = @STDOUT@
 CFLAGS = @IRC_CFLAGS@
+LDFLAGS= @LDFLAGS@
 PICFLAGS   = @PICFLAGS@
 MKDEP  = @MKDEP@
 INSTALL= @INSTALL@
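Review bot: CFLAGS in modules/Makefile.in is taken from @IRC_CFLAGS@, not @CFLAGS@, so the added LDFLAGS= @LDFLAGS@ line fixes the link step only. Whether the compiler hardening flags reach the modules depends on configure copying CFLAGS into IRC_CFLAGS. The report lists m_admin.so and m_away.so as "Stack protected: no, not found!", so confirm in the build log that the module compile lines carry the flags once the patch is applied.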
@@ -178,7 +179,7 @@
${CC} ${CPPFLAGS} ${CFLAGS} -c $< -o $@
 
 .c.so:
-   ${CC} ${PICFLAGS} ${CPPFLAGS} ${CFLAGS} $< -o $@
+   ${CC} ${PICFLAGS} ${LDFLAGS} ${CPPFLAGS} ${CFLAGS} $< -o $@
 
 .so.sl:
$(LD) -b $< -o $@
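Review bot: in this .c.so rule ${LDFLAGS} is placed before ${CPPFLAGS} ${CFLAGS}, while the identical rule in contrib/Makefile.in puts it after them. Both orders work, but using one order in both files keeps the rules comparable.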
Index: ircd-hybrid-7.2.2.dfsg.2/tools/rsa_respond/Makefile.in
===
--- ircd-hybrid-7.2.2.dfsg.2.orig/tools/r

Bug#670819: xloadimage: Hardening flags missing

2012-04-29 Thread Simon Ruderich
Package: xloadimage
Version: 4.1-18
Severity: important
Tags: Patch

Dear Maintainer,

The hardening flags are missing because the build system ignores
them. For more hardening information please have a look at [1],
[2] and [3].

The attached patch fixes the issue.

To check if all flags were correctly enabled you can use
`hardening-check` from the hardening-includes package and check
the build log (for example with blhc [4]) (hardening-check
doesn't catch everything):

$ hardening-check /usr/bin/uufilter /usr/bin/xloadimage
/usr/bin/uufilter:
 Position Independent Executable: yes
 Stack protected: no, not found!
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: yes
/usr/bin/xloadimage:
 Position Independent Executable: yes
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: yes

(Position Independent Executable and Immediate binding are not
enabled by default.)

Use `find -type f \( -executable -o -name \*.so\* \) -exec hardening-check {} +`
on the build result to check all files.

Regards,
Simon

[1]: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
[2]: https://wiki.debian.org/HardeningWalkthrough
[3]: https://wiki.debian.org/Hardening
[4]: http://ruderich.org/simon/blhc/
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
Description: Use build flags from environment (dpkg-buildflags).
 Necessary for hardening flags.
Author: Simon Ruderich 
Last-Update: 2012-04-29

Index: xloadimage-4.1/Makefile.in
===
--- xloadimage-4.1.orig/Makefile.in	2012-04-29 12:13:45.456985928 +0200
+++ xloadimage-4.1/Makefile.in	2012-04-29 12:13:45.640985927 +0200
@@ -27,7 +27,7 @@
 	$(CC) -o $@ $(OBJS) build.o $(LDFLAGS) $(XLIB) $(LIBS)
 
 uufilter: uufilter.c
-	$(CC) $(CFLAGS) $(DEFS) uufilter.c -o $@
+	$(CC) $(CFLAGS) $(LDFLAGS) $(DEFS) uufilter.c -o $@
 
 .c.o: config.h image.h
 	$(CC) $(CFLAGS) -c $(DEFS) $<
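Review bot: the uufilter rule gains $(LDFLAGS) but still has no $(CPPFLAGS), and the .c.o rule below it compiles with $(CFLAGS) and $(DEFS) only. Unless DEFS carries the preprocessor flags, the ones from dpkg-buildflags never reach these compiles. Add $(CPPFLAGS) to both rules, as the autoconfig rule in xloadimage-4.1/Makefile does.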
Index: xloadimage-4.1/Makefile.std
===
--- xloadimage-4.1.orig/Makefile.std	2012-04-29 12:13:41.916985912 +0200
+++ xloadimage-4.1/Makefile.std	2012-04-29 12:13:45.640985927 +0200
@@ -23,7 +23,7 @@
 # the Make.conf file and recursively calls make.
 
 autoconfig: autoconfig.c
-	$(CC) -g -o autoconfig autoconfig.c
+	$(CC) $(CFLAGS) $(LDFLAGS) -g -o autoconfig autoconfig.c
 
 # manual configuration target
 configure:: autoconfig
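Review bot: autoconfig in Makefile.std is built with $(CFLAGS) $(LDFLAGS), whereas the same rule in Makefile gets $(CPPFLAGS) $(CFLAGS) $(LDFLAGS). Add $(CPPFLAGS) here too so that both copies of the rule stay in step.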
Index: xloadimage-4.1/Makefile
===
--- xloadimage-4.1.orig/Makefile	2012-04-29 12:13:41.916985912 +0200
+++ xloadimage-4.1/Makefile	2012-04-29 12:13:45.640985927 +0200
@@ -8,7 +8,7 @@
 # Include system configuration parameters
 include Make.conf
 
-CFLAGS=$(OPT_FLAGS) $(CC_FLAGS) $(CC_CONFIG_FLAGS) $(X11_INC_DIR) \
+CFLAGS+=$(OPT_FLAGS) $(CC_FLAGS) $(CC_CONFIG_FLAGS) $(X11_INC_DIR) \
   -DSYSPATHFILE=\"$(SYSPATHFILE)\"
 LIBS=$(X11_LIB_DIR) $(X11_LIB_NAME) $(SYS_LIBS) -lm
 
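Review bot: CFLAGS+= comes right after include Make.conf. If Make.conf assigns CFLAGS, the environment value is already replaced by that point and += appends to the wrong base, so check what Make.conf sets. A CFLAGS given on the make command line would also override this line entirely.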
@@ -23,7 +23,7 @@
 # the Make.conf file and recursively calls make.
 
 autoconfig: autoconfig.c
-	$(CC) -g -o autoconfig autoconfig.c
+	$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -g -o autoconfig autoconfig.c
 
 # manual configuration target
 configure:: autoconfig
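
The check described in the reports above, as an added example (not part of the original messages or of hardening-check itself): a shell function that reduces `hardening-check` output to the file/check pairs that are actually missing. The names `hardening_failures` and `sample_report`, the `all` argument and the sample input are assumptions made for this example; the sample is assembled from the output quoted in the ircd-hybrid report.

```sh
#!/bin/sh
# Added example, not part of hardening-check or of the original reports.

# Read hardening-check output on stdin and print "<file><TAB><check>" for
# every check reported as missing. By default PIE and immediate binding are
# skipped, since the reports note they are not enabled by default; pass
# "all" as $1 to include them. (Function name and argument are assumptions.)
hardening_failures() {
    awk -v mode="${1:-default}" '
        # An unindented line ending in ":" names the file being reported on.
        /^[^ ].*:$/ { file = substr($0, 1, length($0) - 1); next }
        # Indented lines are "<check>: <result>".
        /^ / {
            sep = index($0, ": ")
            if (sep == 0) next
            check  = substr($0, 2, sep - 2)
            result = substr($0, sep + 2)
            if (result !~ /^no([ ,]|$)/) next   # "yes" and "unknown" pass
            if (result ~ /\(ignored\)/) next    # PIE on a shared library
            if (mode != "all" &&
                (check == "Position Independent Executable" ||
                 check == "Immediate binding")) next
            printf "%s\t%s\n", file, check
        }
    '
}

# Constructed sample input, assembled from the output quoted above.
sample_report() {
    cat <<'EOF'
/usr/sbin/ircd-hybrid:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!
/usr/lib/ircd-hybrid/modules/autoload/m_away.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: no, not found!
 Fortify Source functions: no, only unprotected functions found!
 Read-only relocations: yes
 Immediate binding: no not found!
EOF
}

# Stand-alone run on the sample; on a real build tree feed it from
#   find . -type f \( -executable -o -name '*.so*' \) -exec hardening-check {} +
sample_report | hardening_failures
```

An empty result means every default check passed; as the reports say, hardening-check does not catch everything, so the build log still needs a look.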




Bug#803946: ImportError: /usr/lib/python2.7/dist-packages/M2Crypto/__m2crypto.so: undefined symbol: SSLv3_method

2015-11-03 Thread Simon Ruderich
Package: python-m2crypto
Version: 0.21.1-4+b1
Severity: normal

Hello,

Since the binary update, salt fails with the following error when
importing M2Crypto:

salt-master[12449]: Traceback (most recent call last):
salt-master[12449]: File "/usr/bin/salt-master", line 10, in 
salt-master[12449]: salt_master()
salt-master[12449]: File "/usr/lib/python2.7/dist-packages/salt/scripts.py", line 50, in salt_master
salt-master[12449]: master.start()
salt-master[12449]: File "/usr/lib/python2.7/dist-packages/salt/cli/daemons.py", line 149, in start
salt-master[12449]: self.prepare()
salt-master[12449]: File "/usr/lib/python2.7/dist-packages/salt/cli/daemons.py", line 129, in prepare
salt-master[12449]: import salt.master
salt-master[12449]: File "/usr/lib/python2.7/dist-packages/salt/master.py", line 26, in
salt-master[12449]: from M2Crypto import RSA
salt-master[12449]: File "/usr/lib/python2.7/dist-packages/M2Crypto/__init__.py", line 22, in
salt-master[12449]: import __m2crypto
salt-master[12449]: ImportError: /usr/lib/python2.7/dist-packages/M2Crypto/__m2crypto.so: undefined symbol: SSLv3_method

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9

