[Debian-on-mobile-maintainers] Bug#1066092: koko: please enable blhc-recommended build hardening.
James Addison
jay at jp-hosting.net
Tue Mar 12 13:36:43 GMT 2024
Source: koko
Version: 23.08.3+ds.1-2
Severity: wishlist
Dear Maintainer,
During filing of #1066088, some build failures of the 'blhc'[1] test utility
occurred on Salsa-CI[2]. These indicate that some compile-time security
hardening flags may not be enabled when the binary package is compiled (the
first failure mentioned in the logs relates to missing CPPFLAGS).
The Debian Wiki page[3] about package hardening includes some information
relating to packages that use CMake, and this could be worth checking for
guidance.
Thanks,
James
[1] - https://eriberto.pro.br/blog/2015/09/07/debian-how-to-use-blhc-to-solve-hardening-issues-when-packaging/
[2] - https://salsa.debian.org/jayaddison/koko/-/jobs/5435672
[3] - https://wiki.debian.org/Hardening#Notes_for_packages_using_CMake
More information about the Debian-on-mobile-maintainers
mailing list