[dovecot/f18] make sure dovecot executables are hardened
Michal Hlavinka
mhlavink at fedoraproject.org
Tue Apr 9 14:11:40 UTC 2013
commit bacf2bb76bce9aa281416b1a5878a1fc59d1cb29
Author: Michal Hlavinka <mhlavink at redhat.com>
Date: Tue Apr 9 16:11:27 2013 +0200
make sure dovecot executables are hardened
dovecot.spec | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
---
diff --git a/dovecot.spec b/dovecot.spec
index c98f25a..ab2ec90 100644
--- a/dovecot.spec
+++ b/dovecot.spec
@@ -1,10 +1,9 @@
-%global _hardened_build 1
Summary: Secure imap and pop3 server
Name: dovecot
Epoch: 1
Version: 2.1.16
#global prever .rc6
-Release: 1%{?dist}
+Release: 2%{?dist}
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
License: MIT and LGPLv2
Group: System Environment/Daemons
@@ -134,8 +133,9 @@ sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src
%build
#required for fdpass.c line 125,190: dereferencing type-punned pointer will break strict-aliasing rules
-export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
-export LDFLAGS="-Wl,-z,now -Wl,-z,relro"
+%global _hardened_build 1
+export CFLAGS="%{__global_cflags} -fno-strict-aliasing"
+export LDFLAGS="-Wl,-z,now -Wl,-z,relro %{__global_ldflags}"
%configure \
INSTALL_DATA="install -c -p -m644" \
--docdir=%{_docdir}/%{name}-%{version} \
@@ -474,6 +474,9 @@ make check
%{_libdir}/%{name}/dict/libdriver_pgsql.so
%changelog
+* Tue Apr 09 2013 Michal Hlavinka <mhlavink at redhat.com> - 1:2.1.16-2
+- make sure dovecot executables are hardened
+
* Fri Mar 05 2013 Michal Hlavinka <mhlavink at redhat.com> - 1:2.1.16-1
- dovecot updated to 2.1.16
- mdbox: Index rebuilding crashed in some situations
More information about the scm-commits
mailing list