Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the YAML-LibYAML CPAN distribution.

Report information
The Basics
Id:
75365
Status:
resolved
Priority:
Low/Low
Queue:

People
Owner:
Nobody in particular
Requestors:
darkjunix [...] gmail.com
Cc:
AdminCc:

BugTracker
Severity:
(no value)
Broken in:
(no value)
Fixed in:
(no value)

Attachments


Subject: Patch to Fix FTBFS with hardening flags
Date: Tue, 28 Feb 2012 03:04:33 -0500
To: bug-YAML-LibYAML@rt.cpan.org
From: Julián Moreno Patiño <darkjunix@gmail.com>
Hi,

The attached patch fix a fail to build from source with Hardening flags enabled[0].

The error is caused by format-security flag. Please see part of the buildlog[1].

Please consider applying it for the next release.



Kind regards,

--
Julián Moreno Patiño
 .''`. Debian GNU/{Linux,KfreeBSD}
: :' : Free Operating Systems
  `-   PGP KEY ID 6168BF60
Registered GNU Linux User ID 488513

Message body is not shown because sender requested not to inline it.

From: ntyni@iki.fi
On Tue Feb 28 03:05:03 2012, darkjunix@gmail.com wrote:
Show quoted text
> The attached patch fix a fail to build from source with Hardening flags > enabled[0]. > > The error is caused by format-security flag. Please see part of the > buildlog[1].
This is a duplicate of #46507. As I already said there, these errors cause real security issues and Debian will be issuing security updates for them. I'm not aware of a CVE id yet, but I expect one will be allocated. Please fix this as soon as possible. If you want more details, just let me know. -- Niko Tyni ntyni@debian.org
From: ntyni@iki.fi
On Fri Mar 09 01:05:55 2012, ntyni@iki.fi wrote:
Show quoted text
> On Tue Feb 28 03:05:03 2012, darkjunix@gmail.com wrote: >
> > The attached patch fix a fail to build from source with Hardening flags > > enabled[0]. > > > > The error is caused by format-security flag. Please see part of the > > buildlog[1].
> > This is a duplicate of #46507. As I already said there, these errors > cause real security issues and Debian will be issuing security updates > for them. I'm not aware of a CVE id yet, but I expect one will be
allocated. This is CVE-2012-1152. http://seclists.org/oss-sec/20 12/q1/609
Seems this can be closed as https://rt.cpan.org/Public/Bug/Display.html?id=46507 was resolved.


This service runs on Request Tracker, is sponsored by The Perl Foundation, and maintained by Best Practical Solutions.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.