Package: mpv
Version: 0.10.0-1
Severity: important
Tags: patch
Hello,
in the last upload all additional hardening options were dropped.
Please re-enable them. As video player mpv is prone to
vulnerabilities in its libraries and the additional hardening
flags make exploits more difficult.
The sou
Source: ogmrip
Version: 1.0.1-1
Severity: serious
Justification: Policy 2.2.1
Hello,
ogmrip depends on mencoder which is not currently available in
Debian unstable which makes the package uninstallable.
Regards
Simon
--
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92
On Wed, Mar 12, 2014 at 04:49:31PM +0100, Alessandro Ghedini wrote:
> Pushed to git, thanks! Note that we already pass "-v" to waf, so "V := 1"
> isn't
> needed (and it doesn't work with waf anyway).
Hello,
Thanks for fixing it so quickly.
Would it be possible to patch/modify the build system t
Package: mpv
Version: 0.3.6-1
Severity: normal
Tags: patch
Hello,
As audio/movie player, mpv is vulnerable to exploits in the used
libraries, which are common. PIE and bindnow provide additional
hardening against those attacks. Please enable them by default.
The following patch enables all addit
g.org
+ public key id: 0x92FEFDB7E44C32F9
Description: Use CPPFLAGS from environment (dpkg-buildflags).
Necessary for hardening flags.
Author: Simon Ruderich
Last-Update: 2012-09-08
--- meterec-0.9.1~ds0.orig/configure
+++ meterec-0.9.1~ds0/configure
@@ -3569,7 +3569,7 @@ PACKAGE_CFLAGS=&quo
Package: mixxx
Version: 1.10.0~dfsg0-3
Severity: normal
Tags: patch
Dear Maintainer,
The CPPFLAGS hardening flags are missing because the build system
ignores them. For more hardening information please have a look
at [1], [2] and [3].
The following patch fixes the issue.
diff -Nru mixxx-1.10.0
Package: crtmpserver
Version: 1.0~dfsg-1
Severity: important
Tags: patch
Dear Maintainer,
The CPPFLAGS hardening flags are missing because CMake ignores
them by default.
The following patch fixes the issue by adding them to
CFLAGS/CXXFLAGS. For more hardening information please have a
look at [1
pg.org
+ public key id: 0x92FEFDB7E44C32F9
Description: Show compiler messages when compiling.
Necessary to detect missing (hardening) flags during build.
Author: Simon Ruderich
Last-Update: 2012-03-18
Index: xvidcore-1.3.2/v
escription: Use build flags from the environment (dpkg-buildflags).
Author: Simon Ruderich
Last-Update: 2012-03-10
--- audacity-2.0.0~rc8.orig/lib-src/portmixer/Makefile.in
+++ audacity-2.0.0~rc8/lib-src/portmixer/Makefile.in
@@ -9,9 +9,12 @@ AR = @AR@
RANLIB = @RANLIB@
DEFS+=
=y7hL
-END PGP SIGNATURE-
Description: Use build flags from environment (dpkg-buildflags).
Also use CPPFLAGS, necessary for hardening. -O2 is handled by
dpkg-buildflags, which also respects noopt.
Author: Simon Ruderich
Last-Update: 2012-03-05
--- alsaequal-0.6.orig/Makefile
+++ alsaequ
10 matches
Mail list logo
