FESCo Ticket: https://fedorahosted.org/fesco/ticket/1128
The new compiler flag "-fstack-protector-strong" in Fedora 19's gcc achieves a better balance between security and performance (when compared against the default -fstack-protector and available -fstack-protector-all options).
I am proposing to switch from using the "-fstack-protector" flag to "-fstack-protector-strong" in Fedora 20. The switch involves changing a single line in /usr/lib/rpm/redhat/macros file.
Created attachment 766017 [details]
Patch for fixing this bug is attached.
In case of problems, please see https://bitbucket.org/dhiru/redhat-rpm-config/commits/all
Does the attached patch works for you?
Can we fix this bug ASAP (in order to catch potential problems early on) ?
Panu, please review and incorporate (or help correct it if it needs work).
At the FESCo meeting on 2013-07-03 we decided that this change needs to be made before the F20 mass-rebuilds take place. Thus nominating it for an F20Alpha blocker.
I was on vacation for a couple of days and this ends all the way up to FESCo?
I dont see how a s/fno-stack-protector/fno-stack-protector-strong/ operation would need a whole lot of "review" from me, especially considering the whole hardening stuff was added by someone else to begin with (but thats beside the point here)
So yeah yeah, I'll drop it in soonish.
Oh, this wasn't linked to the hardening stuff at all, my mistake.
And apparently it does need a bit of review afterall: there's no such option as "-fno-stack-protector-strong" which the patch introduces for aarch64.
Changed in redhat-rpm-config-9.1.0-47.fc20
It would be great if we could get rid of those "whitespace errors" (from the SPEC file) in a future update.
Um, what whitespace errors?
whitespace errors ==> some empty lines have stray spaces / tabs in them.
Turn on colours in the git configuration and see the output of "git log -p".