[Secure-testing-commits] r18134 - hardening

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Jan 12 16:41:30 UTC 2012 

Author: jmm
Date: 2012-01-12 16:41:30 +0000 (Thu, 12 Jan 2012)
New Revision: 18134

Modified:
   hardening/subgoal-dsa.txt
Log:
- citadel, zoo and sudo fixed in maintainer uploads
- drop cdbs-based previous entries from the fixed list, the cdbs
  support for hardened build flags is a mess and needs more investigation


Modified: hardening/subgoal-dsa.txt
===================================================================
--- hardening/subgoal-dsa.txt	2012-01-12 15:31:36 UTC (rev 18133)
+++ hardening/subgoal-dsa.txt	2012-01-12 16:41:30 UTC (rev 18134)
@@ -23,7 +23,6 @@
 bzip2 (655164)
 capi4hylafax (653539)
 chrony (655123)
-citadel (653514)
 clamav (653958)
 courier-authlib (655168)
 cpio (654522)
@@ -173,7 +172,6 @@
 squidguard
 strongswan
 subversion
-sudo (655417)
 suphp (655419)
 syslog-ng (655163)
 systemtap
@@ -206,7 +204,6 @@
 xmltooling
 zabbix
 zodb
-zoo (655499)
 vsftpd (655103)
 collectd
 
@@ -221,9 +218,6 @@
 id3lib3.8.3
 
 
-Packages using cdbs, which need additional fixes:
-icedove
-
 Packages using Scons, needs additional research:
 blender
 
@@ -245,8 +239,13 @@
 
 
 
-Candidate packages using cdbs, fixed with the next upload after 2011-09-23 with
-  the upload of dpkg/1.16.1:
+Candidate packages using cdbs, needs further studying:
+sympa
+libgd2
+icedove
+ghostscript
+libvirt
+gimp
 koffice
 libspf2
 wordnet
@@ -297,15 +296,8 @@
 
 
 Fixed:
-libvirt (0.9.6-1)
-gimp (2.6.11-4)
-ghostscript (9.04~dfsg-1)
 samba (2:3.5.11~dfsg-2)
-libgd2 (2.0.36~rc1~dfsg-6)
-sympa (6.1.7~dfsg-1)
 mailman (1:2.1.14-3)
-ncompress (4.2.4.4-3)
-xzgv (5.9-3)
 flac (1.2.1-6)
 xorg-server (2:1.11.1.901-1)
 openldap (2.4.25-4)
@@ -366,14 +358,15 @@
 mon (1.2.0-5) (655137)
 acpid (1:2.0.14-2) (653502)
 libsmi (0.4.8+dfsg2-5) (654812)
+sudo (1.8.3p1-3) (655417)
+zoo (2.10-25) (655499)
+citadel (8.04-1) (653514)
 
 
-
-
-
 Hardening incomplete:
 gtetrinet (653443)
 firebird2.5 (654793)
+ncompress (relro missing)
 
 
 Packages, which use hardened build flags manually, but not yet dpkg-buildflags:

More information about the Secure-testing-commits mailing list