This is a tracking bug for Change: Add _FORTIFY_SOURCE=3 to distribution build flags For more details, see: https://fedoraproject.org/wiki/Changes/Add_FORTIFY_SOURCE%3D3_to_distribution_build_flags Replace the current _FORTIFY_SOURCE=2 with _FORTIFY_SOURCE=3 to improve mitigation of security issues arising from buffer overflows in packages in Fedora. If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.
redhat-rpm-config change is in: https://src.fedoraproject.org/rpms/redhat-rpm-config/pull-request/228 Now to wait for the mass rebuild to confirm that everything works. Broken packages (failed builds or runtime failures) should block this bug until it is determined that the breakage exposes a bug in that package.
Today we reached the Code Complete (Testable) milestone on the F38 schedule: https://fedorapeople.org/groups/schedule/f-38/f-38-key-tasks.html At this time, all F38 Changes should be complete enough to be testable. You can indicate this by setting this tracker to the MODIFIED status. If the Change is 100% code complete, you can set the tracker to ON_QA. If you need to defer this Change to F39, please NEEDINFO me. Changes that have not reached at least the MODIFIED status will be given to FESCo for evaluation of contingency plans.