[gentoo-dev] gcc 4.3.2 security updates

[gentoo-dev] gcc 4.3.2 security updates

[Mike Frysinger]

[-- Attachment #1: Type: text/plain, Size: 334 bytes --]

not to be out done, gcc-4.3.2-r3 will include changes like some other distros 
are now carrying:
 - the -Wformat-security flag is enabled by default
 - the -D_FORTIFY_SOURCE=2 flag is enabled by default

if you dont want this stuff, you can use the flag -Wno-format-security and the 
flag -U_FORTIFY_SOURCE respectively
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 835 bytes --]

[gentoo-dev] Re: gcc 4.3.2 security updates

[Ryan Hill]

[-- Attachment #1: Type: text/plain, Size: 715 bytes --]

On Sat, 10 Jan 2009 16:22:50 -0500
Mike Frysinger <vapier@gentoo.org> wrote:

> not to be out done, gcc-4.3.2-r3 will include changes like some other
> distros are now carrying:
>  - the -Wformat-security flag is enabled by default
>  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> 
> if you dont want this stuff, you can use the flag
> -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
> -mike
> 

I'm really hoping this isn't a stable candidate. :P

-- 
gcc-porting,                                      by design, by neglect
treecleaner,                              for a fact or just for effect
wxwidgets @ gentoo     EFFD 380E 047A 4B51 D2BD C64F 8AA8 8346 F9A4 0662

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Ciaran McCreesh]

[-- Attachment #1: Type: text/plain, Size: 337 bytes --]

On Sat, 10 Jan 2009 18:03:17 -0600
Ryan Hill <dirtyepic@gentoo.org> wrote:
> I'm really hoping this isn't a stable candidate. :P

Is an earlier gcc 4.3 a stable candidate, or have those plans been
abandoned?

(I'm wondering whether it's worth the pain of dealing with 4.1's lack
of tr1 regex support...)

-- 
Ciaran McCreesh

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Mike Frysinger]

[-- Attachment #1: Type: text/plain, Size: 587 bytes --]

On Saturday 10 January 2009 19:03:17 Ryan Hill wrote:
> On Sat, 10 Jan 2009 16:22:50 -0500 Mike Frysinger wrote:
> > not to be out done, gcc-4.3.2-r3 will include changes like some other
> > distros are now carrying:
> >  - the -Wformat-security flag is enabled by default
> >  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> >
> > if you dont want this stuff, you can use the flag
> > -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
>
> I'm really hoping this isn't a stable candidate. :P

gcc-4.3.2-r0 is still the stable candidate.  nothing has changed.
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 835 bytes --]

[gentoo-dev] Re: gcc 4.3.2 security updates

[Magnus Granberg]

On Sunday 11 January 2009 01.06.45 Ciaran McCreesh wrote:
> On Sat, 10 Jan 2009 18:03:17 -0600
>
> Ryan Hill <dirtyepic@gentoo.org> wrote:
> > I'm really hoping this isn't a stable candidate. :P
>
> Is an earlier gcc 4.3 a stable candidate, or have those plans been
> abandoned?
>
> (I'm wondering whether it's worth the pain of dealing with 4.1's lack
> of tr1 regex support...)

We will get more bugs if we enable FORTIFY_SOURCE for the stable canididet of 
gcc 4.3 like /usr/include/bits/fcntl2.h:51: error: call 
to '__open_missing_mode' declared with attribute error: open with O_CREAT in 
second argument needs 3 arguments
GLIBC won't even compile with it.
/Zorry

[gentoo-dev] Re: gcc 4.3.2 security updates

[Ryan Hill]

[-- Attachment #1: Type: text/plain, Size: 1121 bytes --]

On Sun, 11 Jan 2009 00:06:45 +0000
Ciaran McCreesh <ciaran.mccreesh@googlemail.com> wrote:

> On Sat, 10 Jan 2009 18:03:17 -0600
> Ryan Hill <dirtyepic@gentoo.org> wrote:
> > I'm really hoping this isn't a stable candidate. :P
> 
> Is an earlier gcc 4.3 a stable candidate, or have those plans been
> abandoned?
> 
> (I'm wondering whether it's worth the pain of dealing with 4.1's lack
> of tr1 regex support...)

I was hoping to have the tree ready by Mar/Apr. Flameeyes dug up a lot
of broken packages with his tinderbox runs that need addressing though.
I'm going to go through the list, posting patches next week. Then we
have to wait until they can be stabilized.

Which reminds me - maintainers, if you have a bug blocking #245547 that
you have not yet CC'd arches on, do so now please.  Most of these were
opened in November and haven't seen any action.

Thanks.

-- 
gcc-porting,                                      by design, by neglect
treecleaner,                              for a fact or just for effect
wxwidgets @ gentoo     EFFD 380E 047A 4B51 D2BD C64F 8AA8 8346 F9A4 0662

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Magnus Granberg]

On Sunday 11 January 2009 04.26.00 Mike Frysinger wrote:
> On Saturday 10 January 2009 19:03:17 Ryan Hill wrote:
> > On Sat, 10 Jan 2009 16:22:50 -0500 Mike Frysinger wrote:
> > > not to be out done, gcc-4.3.2-r3 will include changes like some other
> > > distros are now carrying:
> > >  - the -Wformat-security flag is enabled by default
> > >  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> > >
> > > if you dont want this stuff, you can use the flag
> > > -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
> >
> > I'm really hoping this isn't a stable candidate. :P
>
> gcc-4.3.2-r0 is still the stable candidate.  nothing has changed.
> -mike

Any patches ready?
/Zorry

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Mike Frysinger]

[-- Attachment #1: Type: text/plain, Size: 800 bytes --]

On Saturday 10 January 2009 23:52:15 Magnus Granberg wrote:
> On Sunday 11 January 2009 04.26.00 Mike Frysinger wrote:
> > On Saturday 10 January 2009 19:03:17 Ryan Hill wrote:
> > > On Sat, 10 Jan 2009 16:22:50 -0500 Mike Frysinger wrote:
> > > > not to be out done, gcc-4.3.2-r3 will include changes like some other
> > > > distros are now carrying:
> > > >  - the -Wformat-security flag is enabled by default
> > > >  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> > > >
> > > > if you dont want this stuff, you can use the flag
> > > > -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
> > >
> > > I'm really hoping this isn't a stable candidate. :P
> >
> > gcc-4.3.2-r0 is still the stable candidate.  nothing has changed.
>
> Any patches ready?

patches for what ?
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 835 bytes --]

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Magnus Granberg]

On Sunday 11 January 2009 09.39.08 Mike Frysinger wrote:
> On Saturday 10 January 2009 23:52:15 Magnus Granberg wrote:
> > On Sunday 11 January 2009 04.26.00 Mike Frysinger wrote:
> > > On Saturday 10 January 2009 19:03:17 Ryan Hill wrote:
> > > > On Sat, 10 Jan 2009 16:22:50 -0500 Mike Frysinger wrote:
> > > > > not to be out done, gcc-4.3.2-r3 will include changes like some
> > > > > other distros are now carrying:
> > > > >  - the -Wformat-security flag is enabled by default
> > > > >  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> > > > >
> > > > > if you dont want this stuff, you can use the flag
> > > > > -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
> > > >
> > > > I'm really hoping this isn't a stable candidate. :P
> > >
> > > gcc-4.3.2-r0 is still the stable candidate.  nothing has changed.
> >
> > Any patches ready?
>
> patches for what ?
> -mike

For the FORTIFY and Wformat thing but i will see when it hit the tree.

Re: [gentoo-dev] Re: gcc 4.3.2 security updates

[Mike Frysinger]

[-- Attachment #1: Type: text/plain, Size: 1187 bytes --]

On Sunday 11 January 2009 08:23:14 Magnus Granberg wrote:
> On Sunday 11 January 2009 09.39.08 Mike Frysinger wrote:
> > On Saturday 10 January 2009 23:52:15 Magnus Granberg wrote:
> > > On Sunday 11 January 2009 04.26.00 Mike Frysinger wrote:
> > > > On Saturday 10 January 2009 19:03:17 Ryan Hill wrote:
> > > > > On Sat, 10 Jan 2009 16:22:50 -0500 Mike Frysinger wrote:
> > > > > > not to be out done, gcc-4.3.2-r3 will include changes like some
> > > > > > other distros are now carrying:
> > > > > >  - the -Wformat-security flag is enabled by default
> > > > > >  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
> > > > > >
> > > > > > if you dont want this stuff, you can use the flag
> > > > > > -Wno-format-security and the flag -U_FORTIFY_SOURCE respectively
> > > > >
> > > > > I'm really hoping this isn't a stable candidate. :P
> > > >
> > > > gcc-4.3.2-r0 is still the stable candidate.  nothing has changed.
> > >
> > > Any patches ready?
> >
> > patches for what ?
>
> For the FORTIFY and Wformat thing but i will see when it hit the tree.

the patches are going into 4.3.2-r3.  i'm testing them locally before i push 
out 4.3.2-r3.
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 835 bytes --]

Re: [gentoo-dev] gcc 4.3.2 security updates

[Mike Frysinger]

[-- Attachment #1: Type: text/plain, Size: 530 bytes --]

On Saturday 10 January 2009 16:22:50 Mike Frysinger wrote:
> not to be out done, gcc-4.3.2-r3 will include changes like some other
> distros are now carrying:
>  - the -Wformat-security flag is enabled by default
>  - the -D_FORTIFY_SOURCE=2 flag is enabled by default
>
> if you dont want this stuff, you can use the flag -Wno-format-security and
> the flag -U_FORTIFY_SOURCE respectively

i pussied out and merged them with gcc-4.3.3.  this will allow stable fixes to 
take a more natural path with gcc-4.3.2.
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 835 bytes --]