Update libtool hardening hack and re-enable (#978949)
This commit is contained in:
Kevin Fenzi
parent
d1c22eee30
commit
e04bd964a3
|
|
@ -1,25 +1,30 @@
|
|||
--- redhat-rpm-config-9.1.0.orig/macros
|
||||
+++ redhat-rpm-config-9.1.0/macros
|
||||
@@ -28,7 +28,7 @@
|
||||
diff -Nur redhat-rpm-config-9.1.0.orig/macros redhat-rpm-config-9.1.0/macros
|
||||
--- redhat-rpm-config-9.1.0.orig/macros 2014-01-12 11:24:18.866139925 -0700
|
||||
+++ redhat-rpm-config-9.1.0/macros 2014-01-12 11:26:28.182832378 -0700
|
||||
@@ -29,6 +29,7 @@
|
||||
#==============================================================================
|
||||
# ---- configure and makeinstall.
|
||||
#
|
||||
+%_configure_libtool_hardening_hack 1
|
||||
%_configure ./configure
|
||||
-%configure \
|
||||
+%configure(--:-:ChnqV) \
|
||||
%configure \
|
||||
CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \
|
||||
CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \
|
||||
FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \
|
||||
@@ -52,7 +52,12 @@
|
||||
--localstatedir=%{_localstatedir} \\\
|
||||
--sharedstatedir=%{_sharedstatedir} \\\
|
||||
--mandir=%{_mandir} \\\
|
||||
- --infodir=%{_infodir}
|
||||
+ --infodir=%{_infodir} \\\
|
||||
+ %{**} ; \
|
||||
+ [[ -f ./libtool && "x%{?%_hardened_ldflags}" != "x" ]] && \\\
|
||||
+ sed -i \\\
|
||||
+ -e 's! \\\\\\$compiler_flags !&%{?%_hardened_ldflags} !g' \\\
|
||||
+ ./libtool ;
|
||||
@@ -39,6 +40,10 @@
|
||||
for i in $(find . -name config.guess -o -name config.sub) ; do \
|
||||
[ -f /usr/lib/rpm/redhat/$(basename $i) ] && %{__rm} -f $i && %{__cp} -fv /usr/lib/rpm/redhat/$(basename $i) $i ; \
|
||||
done ; \
|
||||
+ [ "%_configure_libtool_hardening_hack" = 1 ] && [ x != "x%{_hardened_ldflags}" ] && \
|
||||
+ for i in $(find . -name ltmain.sh) ; do \
|
||||
+ %{__sed} -i.backup -e 's~compiler_flags=$~compiler_flags="%{_hardened_ldflags}"~' $i \
|
||||
+ done ; \
|
||||
%{_configure} --build=%{_build} --host=%{_host} \\\
|
||||
--program-prefix=%{?_program_prefix} \\\
|
||||
--disable-dependency-tracking \\\
|
||||
@@ -174,6 +179,7 @@
|
||||
%__find_requires /usr/lib/rpm/redhat/find-requires
|
||||
|
||||
%makeinstall \
|
||||
%{__make} \\\
|
||||
%_hardening_cflags -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
|
||||
+# we don't escape symbols '~', '"', etc. so be careful when changing this
|
||||
%_hardening_ldflags -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
|
||||
|
||||
#_hardened_build 0
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
Summary: Red Hat specific rpm configuration files
|
||||
Name: redhat-rpm-config
|
||||
Version: 9.1.0
|
||||
Release: 55%{?dist}
|
||||
Release: 56%{?dist}
|
||||
# No version specified.
|
||||
License: GPL+
|
||||
Group: Development/System
|
||||
|
|
@ -110,7 +110,7 @@ Red Hat specific rpm configuration files.
|
|||
%patch22 -p1
|
||||
%patch23 -p1
|
||||
%patch24 -p1
|
||||
#%patch25 -p1
|
||||
%patch25 -p1
|
||||
# Only make docs change in Fedora 20+
|
||||
%if 0%{?fedora} >= 20
|
||||
%patch26 -p1
|
||||
|
|
@ -137,6 +137,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||
%{_sysconfdir}/rpm/*
|
||||
|
||||
%changelog
|
||||
* Sun Jan 12 2014 Kevin Fenzi <kevin@scrye.com> 9.1.0-56
|
||||
- Update libtool hardening hack and re-enable (#978949)
|
||||
|
||||
* Wed Dec 18 2013 Dhiru Kholia <dhiru@openwall.com> - 9.1.0-55
|
||||
- Enable "-Werror=format-security" by default (#1043495)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue