[tuxguitar] 04/06: Enable hardening for libraries.
gregor herrmann
gregoa at debian.org
Fri May 2 22:46:40 UTC 2014
This is an automated email from the git hooks/post-receive script.
gregoa pushed a commit to branch master
in repository tuxguitar.
commit 10f61e13b3e75c9b6203ed105d4cb2eec9cb2fca
Author: gregor herrmann <gregoa at debian.org>
Date: Sat May 3 00:33:24 2014 +0200
Enable hardening for libraries.
Use /usr/share/dpkg/buildflags.mk in debian/rules; add patch
04-hardening-cppflags.patch to pass CPPFLAGS; build depend on new enough
dpkg-dev.
---
debian/control | 2 +-
debian/patches/04-hardening-cppflags.patch | 61 ++++++++++++++++++++++++++++++
debian/patches/series | 1 +
debian/rules | 4 ++
4 files changed, 67 insertions(+), 1 deletion(-)
diff --git a/debian/control b/debian/control
index a6989f9..b6dbe2f 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 9),
libitext-java,
libasound2-dev | liboss4-salsa-dev,
libfluidsynth-dev,
- dpkg-dev (>= 1.15.1)
+ dpkg-dev (>= 1.16.1~)
Standards-Version: 3.9.5
Homepage: http://www.tuxguitar.com.ar
Vcs-Git: git://anonscm.debian.org/pkg-java/tuxguitar.git
diff --git a/debian/patches/04-hardening-cppflags.patch b/debian/patches/04-hardening-cppflags.patch
new file mode 100644
index 0000000..a828d26
--- /dev/null
+++ b/debian/patches/04-hardening-cppflags.patch
@@ -0,0 +1,61 @@
+Description: pass CPPFLAGS (hardening)
+Origin: vendor
+Forwarded: no
+Author: gregor herrmann <gregoa at debian.org>
+Last-Update: 2014-05-03
+
+--- a/TuxGuitar-alsa/jni/GNUmakefile
++++ b/TuxGuitar-alsa/jni/GNUmakefile
+@@ -11,7 +11,7 @@
+ OBJECTS=org_herac_tuxguitar_player_impl_midiport_alsa_MidiSystem.o
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ all: $(LIBRARY)
+
+--- a/TuxGuitar-fluidsynth/jni/GNUmakefile
++++ b/TuxGuitar-fluidsynth/jni/GNUmakefile
+@@ -11,7 +11,7 @@
+ OBJECTS=org_herac_tuxguitar_player_impl_midiport_fluidsynth_MidiSynth.o
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ all: $(LIBRARY)
+
+--- a/TuxGuitar-jack/jni/GNUmakefile
++++ b/TuxGuitar-jack/jni/GNUmakefile
+@@ -11,7 +11,7 @@
+ OBJECTS=org_herac_tuxguitar_jack_JackClient.o
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ all: $(LIBRARY)
+
+--- a/TuxGuitar-oss/jni/GNUmakefile
++++ b/TuxGuitar-oss/jni/GNUmakefile
+@@ -11,7 +11,7 @@
+ OBJECTS=org_herac_tuxguitar_player_impl_midiport_oss_MidiSystem.o
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ all: $(LIBRARY)
+
+--- a/TuxGuitar-winmm/jni/GNUmakefile
++++ b/TuxGuitar-winmm/jni/GNUmakefile
+@@ -10,7 +10,7 @@
+ OBJECTS=org_herac_tuxguitar_player_impl_midiport_winmm_MidiSystem.o
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ all: $(LIBRARY)
+
diff --git a/debian/patches/series b/debian/patches/series
index 09bcb2d..81fba27 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
01-tuxguitar-rzr.patch
02-desktop.patch
03-CVE-2010-3385.patch
+04-hardening-cppflags.patch
diff --git a/debian/rules b/debian/rules
index 1e23872..102276b 100755
--- a/debian/rules
+++ b/debian/rules
@@ -18,6 +18,10 @@ else
XULRUNNERDEPENDS = -Vxulrunner:Depends="xulrunner-29 | xulrunner-24.0 | xulrunner-17.0 | xulrunner-10.0 | xulrunner-1.9.1"
endif
+# build flags for hardening
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/buildflags.mk
+
build: build-arch build-indep
build-arch: build-stamp
build-indep: build-stamp
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tuxguitar.git
More information about the pkg-java-commits
mailing list