| Summary: | cryptobone 1.0.2-1 is not built with $RPM_OPT_FLAGS | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ville Skyttä <ville.skytta> |
| Component: | cryptobone | Assignee: | Ralf Senderek <fedora> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | fedora |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | 1.0.3-1 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-05-18 19:18:12 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Ville Skyttä
2016-04-22 15:43:23 UTC
This is now fixed in cryptobone-1.0.2-3 Koji build: http://koji.fedoraproject.org/koji/buildinfo?buildID=757310 rpmlint cryptobone-debuginfo-1.0.2-3.fc25.x86_64.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. rpmlint cryptobone-debuginfo-1.0.2-3.fc25.i686.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. rpmlint cryptobone-debuginfo-1.0.2-3.fc25.armv7hl.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. Updates have been provided that fix this bug for Fedora 23 and Fedora 24. Koji: http://koji.fedoraproject.org/koji/buildinfo?buildID=757341 http://koji.fedoraproject.org/koji/buildinfo?buildID=757339 Based on the build log, does not seem fixed. curl https://kojipkgs.fedoraproject.org//packages/cryptobone/1.0.2/3.fc25/data/logs/x86_64/build.log | grep -Ew 'g?cc' The majority of those lines lack the -g and -grecord-gcc-switches flags that are part of $RPM_OPT_FLAGS. Ditto -fstack-protector-strong. And -Werror=format-security, and -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1. (In reply to Ville Skyttä from comment #3) > Based on the build log, does not seem fixed. If you had looked more carefully at the changes I made, you'd have noticed that the two binaries the crypto bone daemon "cryptoboned" and "openpgp" both have $RPM_OPT_FLAGS. Both of these binaries do make use of a private library "cryptlib" which is still being compiled with the options upstream has carefully selected for cryptlib. I don't see any reason why one component cannot be compiled without $RPM_OPT_FLAGS. Do you? So version 1.0.2-3 is indeed a fix of this bug. Updates for all branches have reached stable. (In reply to Ralf Senderek from comment #4) (Replying only now because I didn't see the comment until now.) > I don't see any reason why one component cannot > be compiled without $RPM_OPT_FLAGS. Do you? Honoring $RPM_OPT_FLAGS is a "must" in the Fedora packaging guidelines. https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#Compiler_flags If you think this package should be exempt of that rule, I suggest you contact the Fedora Packaging Committee. > So version 1.0.2-3 is indeed a fix of this bug. Unfortunately it isn't, see above. With the new release version 1.0.3-1 everything (including cryptlib) is now build with $RPM_OPT_FLAGS. New Koji builds for F23, F24 and rawhide: http://koji.fedoraproject.org/koji/buildinfo?buildID=760544 http://koji.fedoraproject.org/koji/buildinfo?buildID=760518 http://koji.fedoraproject.org/koji/buildinfo?buildID=760517 Updates are on their way through testing. All updates are in stable now. |