[squid] Enable full RELRO
mluscon
mluscon at fedoraproject.org
Fri Apr 19 09:16:54 UTC 2013
commit d835557850f920bb39cc494dad62e935dd3f125f
Author: Michal Luscon <mluscon at redhat.com>
Date: Fri Apr 19 10:26:53 2013 +0200
Enable full RELRO
squid.spec | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/squid.spec b/squid.spec
index 70aea87..00bfc66 100644
--- a/squid.spec
+++ b/squid.spec
@@ -4,7 +4,7 @@
Name: squid
Version: 3.2.9
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: The Squid proxy caching server
Epoch: 7
# See CREDITS for breakdown of non GPLv2+ code
@@ -115,7 +115,7 @@ The squid-sysvinit contains SysV initscritps support.
CXXFLAGS="$RPM_OPT_FLAGS -fpie" \
CFLAGS="$RPM_OPT_FLAGS -fpie" \
%endif
-LDFLAGS="$RPM_LD_FLAGS -pie"
+LDFLAGS="$RPM_LD_FLAGS -pie -Wl,-z,relro -Wl,-z,now"
%configure \
--disable-strict-error-checking \
@@ -309,6 +309,9 @@ fi
/sbin/chkconfig --add squid >/dev/null 2>&1 || :
%changelog
+* Fri Apr 19 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.9-2
+- Enable full RELRO (-Wl,-z,relro -Wl,-z,now)
+
* Tue Mar 19 2013 Michal Luscon <mluscon at redhat.com> - 7:3.2.9-1
- Update to latest upstream version 3.2.9
- Fixed: CVE-2013-1839
More information about the scm-commits
mailing list