Bug#823967: libapache2-mod-perl2: hardening-no-relro mod_perl.so
Damyan Ivanov
dmn at debian.org
Sat May 28 18:09:43 UTC 2016
-=| Niko Tyni, 10.05.2016 22:44:07 +0300 |=-
> Package: libapache2-mod-perl2
> Version: 2.0.9-4
>
> As noticed by lintian, mod_perl.so is not linked with
> -Wl,-z,relro.
>
> W: libapache2-mod-perl2: hardening-no-relro usr/lib/apache2/modules/mod_perl.so
>
> It looks like we're currently using the debhelper default behaviour where
> linker flags are passed to Makefile.PL in an LD=[...] argument. This
> normally works with ExtUtils::MakeMaker, but apparently not with the
> libapache2-mod-perl2 build system.
>
> I see Apache2::Build::ldopts uses
>
> my $ld = $self->perl_config('ld');
>
> so that part probably needs some work. Filing this to track
> the issue, but I'm not promising a patch any time soon...
The following patch seems to fix this. Is it too crude?
-----------------------------------------
--- a/lib/Apache2/Build.pm
+++ b/lib/Apache2/Build.pm
@@ -557,6 +557,8 @@ sub ldopts {
or warn "Failed to fix Irix symbol exporting\n";
}
+ $ldopts .= " $ENV{LDFLAGS}" if exists $ENV{LDFLAGS};
+
$ldopts;
}
-----------------------------------------
Cheers,
dam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20160528/5fcb97c6/attachment-0001.sig>
More information about the pkg-perl-maintainers
mailing list