rpms
/
redhat-rpm-config
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update libtool hardening hack and re-enable (#978949)

This commit is contained in:
Kevin Fenzi 2014-01-13 12:45:57 -07:00
parent d1c22eee30
commit e04bd964a3
2 changed files with 30 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
redhat-rpm-config-9.1.0-libtool-hardened-build.patch
View File

@ -1,25 +1,30 @@
--- redhat-rpm-config-9.1.0.orig/macros diff -Nur redhat-rpm-config-9.1.0.orig/macros redhat-rpm-config-9.1.0/macros
+++ redhat-rpm-config-9.1.0/macros --- redhat-rpm-config-9.1.0.orig/macros 2014-01-12 11:24:18.866139925 -0700
@@ -28,7 +28,7 @@ +++ redhat-rpm-config-9.1.0/macros 2014-01-12 11:26:28.182832378 -0700
@@ -29,6 +29,7 @@
#==============================================================================
# ---- configure and makeinstall. # ---- configure and makeinstall.
# #
+%_configure_libtool_hardening_hack 1
%_configure ./configure %_configure ./configure
-%configure \ %configure \
+%configure(--:-:ChnqV) \
CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \ CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS ; \
CXXFLAGS="${CXXFLAGS:-%optflags}" ; export CXXFLAGS ; \ @@ -39,6 +40,10 @@
FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}" ; export FFLAGS ; \ for i in $(find . -name config.guess -o -name config.sub) ; do \
@@ -52,7 +52,12 @@ [ -f /usr/lib/rpm/redhat/$(basename $i) ] && %{__rm} -f $i && %{__cp} -fv /usr/lib/rpm/redhat/$(basename $i) $i ; \
--localstatedir=%{_localstatedir} \\\ done ; \
--sharedstatedir=%{_sharedstatedir} \\\ + [ "%_configure_libtool_hardening_hack" = 1 ] && [ x != "x%{_hardened_ldflags}" ] && \
--mandir=%{_mandir} \\\ + for i in $(find . -name ltmain.sh) ; do \
- --infodir=%{_infodir} + %{__sed} -i.backup -e 's~compiler_flags=$~compiler_flags="%{_hardened_ldflags}"~' $i \
+ --infodir=%{_infodir} \\\ + done ; \
+ %{**} ; \ %{_configure} --build=%{_build} --host=%{_host} \\\
+ [[ -f ./libtool && "x%{?%_hardened_ldflags}" != "x" ]] && \\\ --program-prefix=%{?_program_prefix} \\\
+ sed -i \\\ --disable-dependency-tracking \\\
+ -e 's! \\\\\\$compiler_flags !&%{?%_hardened_ldflags} !g' \\\ @@ -174,6 +179,7 @@
+ ./libtool ; %__find_requires /usr/lib/rpm/redhat/find-requires
%makeinstall \ %_hardening_cflags -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
%{__make} \\\ +# we don't escape symbols '~', '"', etc. so be careful when changing this
%_hardening_ldflags -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
#_hardened_build 0

7
redhat-rpm-config.spec
View File

@ -1,7 +1,7 @@
Summary: Red Hat specific rpm configuration files Summary: Red Hat specific rpm configuration files
Name: redhat-rpm-config Name: redhat-rpm-config
Version: 9.1.0 Version: 9.1.0
Release: 55%{?dist} Release: 56%{?dist}
# No version specified. # No version specified.
License: GPL+ License: GPL+
Group: Development/System Group: Development/System
@ -110,7 +110,7 @@ Red Hat specific rpm configuration files.
%patch22 -p1 %patch22 -p1
%patch23 -p1 %patch23 -p1
%patch24 -p1 %patch24 -p1
#%patch25 -p1 %patch25 -p1
# Only make docs change in Fedora 20+ # Only make docs change in Fedora 20+
%if 0%{?fedora} >= 20 %if 0%{?fedora} >= 20
%patch26 -p1 %patch26 -p1
@ -137,6 +137,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_sysconfdir}/rpm/* %{_sysconfdir}/rpm/*
%changelog %changelog
* Sun Jan 12 2014 Kevin Fenzi <kevin@scrye.com> 9.1.0-56
- Update libtool hardening hack and re-enable (#978949)
* Wed Dec 18 2013 Dhiru Kholia <dhiru@openwall.com> - 9.1.0-55 * Wed Dec 18 2013 Dhiru Kholia <dhiru@openwall.com> - 9.1.0-55
- Enable "-Werror=format-security" by default (#1043495) - Enable "-Werror=format-security" by default (#1043495)