It looks like apron tries to drop _FORTIFY_SOURCE from Makefile.config using a regex: sed -i 's/-Wp,-D_FORTIFY_SOURCE=2/-Werror=format-security &/' Makefile.config This no longer works and apron now gets built with _FORTIFY_SOURCE=3. Is disabling fortification necessary? If yes, then please using the new %_fortify_level macro instead: https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/rawhide/f/buildflags.md
No, it isn't removing the fortify flag. Notice the '&' character on the right hand side. It's using the fortify flag to find a place to reinsert -Werror=format-security, which upstream's configure script removes. I'll find a different anchor for reinserting that flag, or else bludgeon the configure script into not removing it in the first place. Thanks for bringing this to my attention.
FEDORA-2023-c3f47099c2 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-c3f47099c2
FEDORA-2023-c3f47099c2 has been pushed to the Fedora 38 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-c3f47099c2 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-c3f47099c2 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.