[Monotone-debian] Bug#646349: marked as done (monotone: FTBFS with -Werr

monotone-debian

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Monotone-debian] Bug#646349: marked as done (monotone: FTBFS with -Werr

From:	Debian Bug Tracking System
Subject:	[Monotone-debian] Bug#646349: marked as done (monotone: FTBFS with -Werror=format-security)
Date:	Sun, 29 Apr 2012 10:21:19 +0000

Your message dated Sun, 29 Apr 2012 10:18:25 +0000
with message-id <address@hidden>
and subject line Bug#646349: fixed in monotone 1.0-5
has caused the Debian Bug report #646349,
regarding monotone: FTBFS with -Werror=format-security
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact address@hidden
immediately.)


-- 
646349: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646349
Debian Bug Tracking System
Contact address@hidden with problems

--- Begin Message --- Subject: monotone: FTBFS with -Werror=format-security Date: Sun, 23 Oct 2011 15:11:44 +0200 User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1

Source: monotone
Version: 1.0-3
Severity: normal
User: address@hidden
Usertags: hardening-format-security hardening

the package monotone fails to compile with the new hardened compiler
flags dpkg-buildflag outputs [0].
The problematic flag is: -Werror=format-security
See the ubuntu buildlog:
https://launchpadlibrarian.net/83074600/buildlog_ubuntu-precise-i386.monotone_1.0-3_FAILEDTOBUILD.txt.gz
Snippet:
g++  -I.     -I/usr/include/lua5.1         -D_FORTIFY_SOURCE=2  -g -O2
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -Wall -W -Wno-unused -c -o src/cmd.o src/cmd.cc
src/cmd.cc: In member function 'virtual void
commands::cmd_manpage::exec(app_state&, const command_id&, const
args_vector&) const':
src/cmd.cc:977:31: error: format not a string literal and no format
arguments [-Werror=format-security]

The buildflags are not exported in debian, but can be enabled e.g. by
adding this to debian/rules:

 DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/buildflags.mk

Please fix the issues and maybe also enable the hardened build in debian.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html

signature.asc
Description: OpenPGP digital signature

--- End Message ---

--- Begin Message --- Subject: Bug#646349: fixed in monotone 1.0-5 Date: Sun, 29 Apr 2012 10:18:25 +0000

Source: monotone
Source-Version: 1.0-5

We believe that the bug you reported is fixed in the latest version of
monotone, which is due to be installed in the Debian FTP archive:

monotone-doc_1.0-5_all.deb
  to main/m/monotone/monotone-doc_1.0-5_all.deb
monotone-extras_1.0-5_all.deb
  to main/m/monotone/monotone-extras_1.0-5_all.deb
monotone-server_1.0-5_all.deb
  to main/m/monotone/monotone-server_1.0-5_all.deb
monotone_1.0-5.debian.tar.gz
  to main/m/monotone/monotone_1.0-5.debian.tar.gz
monotone_1.0-5.dsc
  to main/m/monotone/monotone_1.0-5.dsc
monotone_1.0-5_amd64.deb
  to main/m/monotone/monotone_1.0-5_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to address@hidden,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Francis Russell <address@hidden> (supplier of updated monotone package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing address@hidden)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 28 Apr 2012 15:48:34 +0100
Source: monotone
Binary: monotone monotone-extras monotone-server monotone-doc
Architecture: source amd64 all
Version: 1.0-5
Distribution: unstable
Urgency: low
Maintainer: Debian Maintainers for Monotone <address@hidden>
Changed-By: Francis Russell <address@hidden>
Description: 
 monotone   - Distributed version (revision) control system
 monotone-doc - Distributed version (revision) control system - documentation
 monotone-extras - Distributed version (revision) control system - extras
 monotone-server - Distributed version (revision) control system - server 
scripts
Closes: 646349 668457
Changes: 
 monotone (1.0-5) unstable; urgency=low
 .
   * Switch to debhelper compatibility level 9. Most importantly, this
     causes dh_auto_* to set the environment variables listed by
     dpkg-buildflags that are no longer set by dpkg-buildpackage.
   * patches/01-format-security.diff: Backport upstream fix for building
     with hardened Debian build flags. Closes: #646349.
   * patches/02-file_handle.diff: Backport upstream fix for name clash
     between monotone's "file_handle" struct and the one defined in
     "fcntl.h" from (e)glibc >=2.14.
   * patches/03-url_escaping.diff: Backport upstream fix for non-escaped URLs
     being passed to monotone in its test suite.  Closes: #668457.
Checksums-Sha1: 
 053d47f8e5c88ec4218e5a2d34279dfbbca065aa 1880 monotone_1.0-5.dsc
 4d7f2f9563b88674bbbb77b3f5bac5bc1949e89d 37912 monotone_1.0-5.debian.tar.gz
 ef7abab03fb3a5b60f8f8dff3e0558a5559a7257 2190658 monotone_1.0-5_amd64.deb
 71e1f595e620f226c2dea5e9c22b451438ddbabb 17188 monotone-extras_1.0-5_all.deb
 c47017626088719d97b7dfd33d98e39886818d35 11746 monotone-server_1.0-5_all.deb
 75bc66448a32ca03f96f85e3b8192ce9778c9174 1704274 monotone-doc_1.0-5_all.deb
Checksums-Sha256: 
 6d7caad3edc211bff9239d950fa3f76778811e105ffdf0348ac2fd532831da80 1880 
monotone_1.0-5.dsc
 06e6d0e35564464f56a4ea26d8f1eba16810b3a6c873e57359c581dcec9e77b3 37912 
monotone_1.0-5.debian.tar.gz
 ddcd3518af9455fab1db8b0945ad309f6dcd85c5aa6efa3dccc2c67fc351e384 2190658 
monotone_1.0-5_amd64.deb
 3f586b66fa84fe0e28ad2c3dda060e4d87ce3fa0cd74283908cbf666a52b3af7 17188 
monotone-extras_1.0-5_all.deb
 2a59ae0a029e7f6827819c4c29cc5ce5e57a190d8860f8fafdf8d4755a3236d0 11746 
monotone-server_1.0-5_all.deb
 35deb561b075186480347efecce864a0a8b18bec3ffd04a06401e374cd7954a4 1704274 
monotone-doc_1.0-5_all.deb
Files: 
 796d75c0632b87573590dc5d525beb5f 1880 vcs optional monotone_1.0-5.dsc
 d3fa9e157bc367a7ffdcd9c7aa6b0e36 37912 vcs optional 
monotone_1.0-5.debian.tar.gz
 1d61822a19953509f486f3c3443549f3 2190658 vcs optional monotone_1.0-5_amd64.deb
 f0ba9a17683cedddb31feb4e456f5f38 17188 vcs optional 
monotone-extras_1.0-5_all.deb
 95f0d0162f140e1c7e765c84f2abccce 11746 vcs optional 
monotone-server_1.0-5_all.deb
 24ebccdbf510f8e2648ac040597b9f0a 1704274 doc optional 
monotone-doc_1.0-5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFPnRK9x9kwJZ3/qtQRAk72AJ9v624B+MBeH2nWnGPVhvpufaSYhgCgoIv0
RliIKAWuqoCh7lqV7SqcJsM=
=OP67
-----END PGP SIGNATURE-----

--- End Message ---

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-debian] Bug#646349: marked as done (monotone: FTBFS with -Werror=format-security), Debian Bug Tracking System <=

Prev by Date: [Monotone-debian] monotone_1.0-5_amd64.changes ACCEPTED into unstable
Next by Date: [Monotone-debian] Bug#668457: marked as done (monotone: FTBFS (multiple test suite failures))
Previous by thread: [Monotone-debian] monotone_1.0-5_amd64.changes ACCEPTED into unstable
Index(es):
- Date
- Thread