Lintian warning: hardening-no-fortify-functions & version numbering
On Tue, Jun 19, 2012 at 04:04:31PM +0200, Josť Luis Segura Lucas wrote:
> I have read the output of lintian-info -t about
> hardening-no-fortify-functions, and it helps a lot. The software uses
> Cmake as build tool, and the "hardening-wrapper" solution solved some
> lintian warnings, but not the latest one.
Why do you need hardening-wrapper? You should use flags set by
> I have looked at the buld logs, and I can see that the CPPFLAGS
> "-D_FORTIFY_SOURCE=2" is included in all the compiler calls, but the
> warning is still present.
> What's the problem with this?
You should read http://bugs.debian.org/673112 mentioned in the lintian tag
description and use hardening-check --verbose on binaries reported. If
only memcpy and memmove are printed by hardening-check, you should ignore
> My another question is about the version numbering: the software is
> still in development and they make a new minor version each week
> (approximately). Sometimes I need to package something that is in their
> repository but not still in a numbered version, so, I tried to use the
> latest known version and add a ~TIMESTAMPgit... to the minor version
> number, but debuild warns me about the version 0.1.0~2012......git-1 is
> less than 0.1.0.
That's right, 0.1.0~2012......git-1 is less than 0.1.0. If you need
versions that are greater than 0.1.0, use + instead of ~.
> The latest thing is that I have seen several packages with ~TIMESTAMP
> (screen, by example): they add a alpha-numeric string after the "git"
> word... what does it mean?
> Where can I found some information about packaging directly from VCS?
(if you use git-buildpackage)