Please re-enable PIE and BIND_NOW
Bug #1039542 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
asterisk (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Paul Belanger | ||
Quantal |
Fix Released
|
High
|
Unassigned |
Bug Description
On 12.10 asterisk is not compiled with PIE or BIND_NOW. I didn't investigate, but this looks like in 12.04 this was dropped in favor of Debian's packaging:
* Changes dropped from Ubuntu delta as no longer applicable:
...
- debian/control: Build-depend on hardening-wrapper, now handled
by dpkg-buildflags
- debian/rules: Make use of hardening-wrapper
Please reenable PIE and BIND_NOW. This needs to be done for 12.04 too.
Related branches
Changed in asterisk (Ubuntu Precise): | |
status: | New → Triaged |
description: | updated |
tags: | added: precise quantal |
To post a comment you must log in.
instead of using the old hardening wrapper we should use the new dpkg-buildflags interface: MAINT_OPTIONS= hardening= +pie,+bindnow
export DEB_BUILD_