Package: dpkg; Maintainer for dpkg is Dpkg Developers <debian-dpkg@lists.debian.org>; Source for dpkg is src:dpkg.
Reported by: Balint Reczey <balint@balintreczey.hu>
Date: Mon, 22 Aug 2016 22:33:01 UTC
Severity: wishlist
Tags: moreinfo, patch
Found in version dpkg/1.18.10
Fixed in version dpkg/1.18.11
Done: Guillem Jover <guillem@debian.org>
Bug is archived. No further changes may be made.
Report forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Mon, 22 Aug 2016 22:33:05 GMT)
Acknowledgement sent
to Balint Reczey <balint@balintreczey.hu>:
New Bug report received and forwarded. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Mon, 22 Aug 2016 22:33:06 GMT)
Message #5 received at submit@bugs.debian.org:
Package: dpkg
Version: 1.18.10
Severity: wishlist
Tags: patch moreinfo

Dear Guillem,

As a continuation of the discussions [1][2] on debian-devel I'm
attaching the simple patch that changes dpkg's pie hardening flag
to adapt to GCC's new default settings proposed in #835148.

I'm continuing with the rebuild/autopkgtest tests according to
the Dpkg FAQ, hence the moreinfo tag.

Cheers,
Balint

[1] https://lists.debian.org/debian-devel/2016/05/msg00228.html
[2] https://lists.debian.org/debian-devel/2016/08/msg00324.html

[0002-Dpkg-Vendor-Debian-Enable-PIE-by-default-on-some-arc.patch (text/x-patch, attachment)]
Added blocking bug(s) of 835149: 835148
Request was from Bálint Réczey <balint@balintreczey.hu>
to control@bugs.debian.org.
(Mon, 22 Aug 2016 22:42:03 GMT)
Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Sun, 04 Sep 2016 01:06:03 GMT)
Acknowledgement sent
to Balint Reczey <balint@balintreczey.hu>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Sun, 04 Sep 2016 01:06:03 GMT)
Message #12 received at 835149@bugs.debian.org:
Hi Guillem,

Many packages fail to build due to gcc ... -shared -no-pie ... failing.
I have reported the issue to GCC but they don't seem to fix that:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464

The proposed workarounds don't seem to be viable in Debian thus I
propose making the -pie dpkg hardening flag a noop instead of passing
-no-pie and friends as compiler/ flags like in the proposed patch.
This is not symmetric but consistent with Ubuntu's way of enabling PIE.

What do you think?

Cheers,
Balint

On Tue, 23 Aug 2016 00:29:00 +0200 Balint Reczey
<balint@balintreczey.hu> wrote:
> Package: dpkg
> Version: 1.18.10
> Severity: wishlist
> Tags: patch moreinfo
>
> Dear Guillem,
>
> As a continuation of the discussions [1][2] on debian-devel I'm
> attaching the simple patch that changes dpkg's pie hardening flag
> to adapt to GCC's new default settings proposed in #835148.
>
> I'm continuing with the rebuild/autopkgtest tests according to
> the Dpkg FAQ, hence the moreinfo tag.
>
> Cheers,
> Balint
>
> [1] https://lists.debian.org/debian-devel/2016/05/msg00228.html
> [2] https://lists.debian.org/debian-devel/2016/08/msg00324.html
>

Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Tue, 06 Sep 2016 22:51:04 GMT)
Acknowledgement sent
to balint@balintreczey.hu:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Tue, 06 Sep 2016 22:51:06 GMT)
Message #17 received at 835149@bugs.debian.org:
Hi Guillem,

I'm rebuilding all packages that failed with the original patch and a good share
does compile with the following additional patches.

I would have preferred only the original patch, but apparently this is
our best chance for enabling PIE for the archive.

I'll start filing bugs for the packages still failing to build.

Cheers,
Balint

2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
> Hi Guillem,
>
> Many packages fail to build due to gcc ... -shared -no-pie ... failing.
> I have reported the issue to GCC but they don't seem to fix that:
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
>
> The proposed workarounds don't seem to be viable in Debian thus I
> propose making the -pie dpkg hardening flag a noop instead of passing
> -no-pie and friends as compiler/ flags like in the proposed patch.
> This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>
> What do you think?
>
> Cheers,
> Balint
>
> On Tue, 23 Aug 2016 00:29:00 +0200 Balint Reczey
> <balint@balintreczey.hu> wrote:
>> Package: dpkg
>> Version: 1.18.10
>> Severity: wishlist
>> Tags: patch moreinfo
>>
>> Dear Guillem,
>>
>> As a continuation of the discussions [1][2] on debian-devel I'm
>> attaching the simple patch that changes dpkg's pie hardening flag
>> to adapt to GCC's new default settings proposed in #835148.
>>
>> I'm continuing with the rebuild/autopkgtest tests according to
>> the Dpkg FAQ, hence the moreinfo tag.
>>
>> Cheers,
>> Balint
>>
>> [1] https://lists.debian.org/debian-devel/2016/05/msg00228.html
>> [2] https://lists.debian.org/debian-devel/2016/08/msg00324.html
>>

[0003-Make-pie-hardening-flag-a-noop.patch (text/x-diff, attachment)]
[0004-Update-documentation-of-the-pie-hardening-setting.patch (text/x-diff, attachment)]
Added blocking bug(s) of 835149: 586572
Request was from Bálint Réczey <balint@balintreczey.hu>
to control@bugs.debian.org.
(Thu, 29 Sep 2016 15:57:06 GMT)
Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Tue, 18 Oct 2016 14:15:06 GMT)
Acknowledgement sent
to balint@balintreczey.hu:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Tue, 18 Oct 2016 14:15:06 GMT)
Message #24 received at 835149@bugs.debian.org:
Hi Guillem,

gcc-6/6.2.0-7 has just been uploaded with the changed defaults.
The list of architectures is a bit different than the one in the
attached patch.

The updated list is:
amd64 arm64 armel armhf i386 mips mipsel mips64el ppc64el s390x

Cheers,
Balint

2016-09-07 0:48 GMT+02:00 Bálint Réczey <balint@balintreczey.hu>:
> Hi Guillem,
>
> I'm rebuilding all packages that failed with the original patch and a good share
> does compile with the following additional patches.
>
> I would have preferred only the original patch, but apparently this is
> our best chance for enabling PIE for the archive.
>
> I'll start filing bugs for the packages still failing to build.
>
> Cheers,
> Balint
>
> 2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
>> Hi Guillem,
>>
>> Many packages fail to build due to gcc ... -shared -no-pie ... failing.
>> I have reported the issue to GCC but they don't seem to fix that:
>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
>>
>> The proposed workarounds don't seem to be viable in Debian thus I
>> propose making the -pie dpkg hardening flag a noop instead of passing
>> -no-pie and friends as compiler/ flags like in the proposed patch.
>> This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>>
>> What do you think?
>>
>> Cheers,
>> Balint
>>
>> On Tue, 23 Aug 2016 00:29:00 +0200 Balint Reczey
>> <balint@balintreczey.hu> wrote:
>>> Package: dpkg
>>> Version: 1.18.10
>>> Severity: wishlist
>>> Tags: patch moreinfo
>>>
>>> Dear Guillem,
>>>
>>> As a continuation of the discussions [1][2] on debian-devel I'm
>>> attaching the simple patch that changes dpkg's pie hardening flag
>>> to adapt to GCC's new default settings proposed in #835148.
>>>
>>> I'm continuing with the rebuild/autopkgtest tests according to
>>> the Dpkg FAQ, hence the moreinfo tag.
>>>
>>> Cheers,
>>> Balint
>>>
>>> [1] https://lists.debian.org/debian-devel/2016/05/msg00228.html
>>> [2] https://lists.debian.org/debian-devel/2016/08/msg00324.html
>>>

Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Wed, 26 Oct 2016 03:12:02 GMT)
Acknowledgement sent
to Guillem Jover <guillem@debian.org>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Wed, 26 Oct 2016 03:12:03 GMT)
Message #29 received at 835149@bugs.debian.org:
Hi!

On Wed, 2016-09-07 at 00:48:17 +0200, Bálint Réczey wrote:
> 2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
> > Many packages fail to build due to gcc ... -shared -no-pie ... failing.
> > I have reported the issue to GCC but they don't seem to fix that:
> > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
> >
> > The proposed workarounds don't seem to be viable in Debian thus I
> > propose making the -pie dpkg hardening flag a noop instead of passing
> > -no-pie and friends as compiler/ flags like in the proposed patch.
> > This is not symmetric but consistent with Ubuntu's way of enabling PIE.

Wow, that sucks, and we circle back at the situation of enabling PIE by
default and shared libraries failing, but in the inverse. :)

> I'm rebuilding all packages that failed with the original patch and a good share
> does compile with the following additional patches.
>
> I would have preferred only the original patch, but apparently this is
> our best chance for enabling PIE for the archive.

I think this is very unfortunate, and would make disabling PIE a PITA,
which I'd rather not inflict onto maintainers.

> I'll start filing bugs for the packages still failing to build.

If it's to start adding -pie then sure, otherwise I'd ask if you could
hold off, as I've started to combine the patch in
<https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/builtin-pie-bindnow>
with
<https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/dpkg-buildflags-pie-gcc-specs>
to use the specs file trick but to disable instead of enable the
option, which should in principle work. It's really late here, and I'm
going to sleep, but I'd appreciate some testing once I've got it ready
tomorrow or so.

Thanks,
Guillem

Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Wed, 26 Oct 2016 03:45:03 GMT)
Acknowledgement sent
to Guillem Jover <guillem@debian.org>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Wed, 26 Oct 2016 03:45:03 GMT)
Message #34 received at 835149@bugs.debian.org:
Hi!

On Wed, 2016-10-26 at 05:08:52 +0200, Guillem Jover wrote:
> On Wed, 2016-09-07 at 00:48:17 +0200, Bálint Réczey wrote:
> > 2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
> > > Many packages fail to build due to gcc ... -shared -no-pie ... failing.
> > > I have reported the issue to GCC but they don't seem to fix that:
> > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
> > >
> > > The proposed workarounds don't seem to be viable in Debian thus I
> > > propose making the -pie dpkg hardening flag a noop instead of passing
> > > -no-pie and friends as compiler/ flags like in the proposed patch.
> > > This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>
> Wow, that sucks, and we circle back at the situation of enabling PIE by
> default and shared libraries failing, but in the inverse. :)
>
> > I'm rebuilding all packages that failed with the original patch and a good share
> > does compile with the following additional patches.
> >
> > I would have preferred only the original patch, but apparently this is
> > our best chance for enabling PIE for the archive.
>
> I think this is very unfortunate, and would make disabling PIE a PITA,
> which I'd rather not inflict onto maintainers.
>
> > I'll start filing bugs for the packages still failing to build.
>
> If it's to start adding -pie then sure, otherwise I'd ask if you could
> hold off, as I've started to combine the patch in
> <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/builtin-pie-bindnow>
> with
> <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/dpkg-buildflags-pie-gcc-specs>
> to use the specs file trick but to disable instead of enable the
> option, which should in principle work. It's really late here, and I'm
> going to sleep, but I'd appreciate some testing once I've got it ready
> tomorrow or so.

Ok, I ended up finishing this up now, but I've not tested the results,
the commit is:

<https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/builtin-pie-bindnow&id=2facf7bb7f148672282e01ea86b4c10dff4d0ef2>

Thanks,
Guillem

Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Wed, 26 Oct 2016 15:24:05 GMT)
Acknowledgement sent
to balint@balintreczey.hu:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Wed, 26 Oct 2016 15:24:05 GMT)
Message #39 received at 835149@bugs.debian.org:
Hi,

2016-10-26 5:41 GMT+02:00 Guillem Jover <guillem@debian.org>:
> Hi!
>
> On Wed, 2016-10-26 at 05:08:52 +0200, Guillem Jover wrote:
>> On Wed, 2016-09-07 at 00:48:17 +0200, Bálint Réczey wrote:
>> > 2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
>> > > Many packages fail to build due to gcc ... -shared -no-pie ... failing.
>> > > I have reported the issue to GCC but they don't seem to fix that:
>> > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
>> > >
>> > > The proposed workarounds don't seem to be viable in Debian thus I
>> > > propose making the -pie dpkg hardening flag a noop instead of passing
>> > > -no-pie and friends as compiler/ flags like in the proposed patch.
>> > > This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>>
>> Wow, that sucks, and we circle back at the situation of enabling PIE by
>> default and shared libraries failing, but in the inverse. :)
>>
>> > I'm rebuilding all packages that failed with the original patch and a good share
>> > does compile with the following additional patches.
>> >
>> > I would have preferred only the original patch, but apparently this is
>> > our best chance for enabling PIE for the archive.
>>
>> I think this is very unfortunate, and would make disabling PIE a PITA,
>> which I'd rather not inflict onto maintainers.

Yes, it is painful, but most upstreams will implement disabling PIE anyway,
since Ubuntu 16.10 is out with PIE enabled by default.
Quicker maintainers have Ubuntu patches as guides and slowly reacting ones
can just update to latest upstream.

>>
>> > I'll start filing bugs for the packages still failing to build.
>>
>> If it's to start adding -pie then sure, otherwise I'd ask if you could
>> hold off, as I've started to combine the patch in
>> <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/builtin-pie-bindnow>
>> with
>> <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/dpkg-buildflags-pie-gcc-specs>
>> to use the specs file trick but to disable instead of enable the
>> option, which should in principle work. It's really late here, and I'm
>> going to sleep, but I'd appreciate some testing once I've got it ready
>> tomorrow or so.

I don't plan filing new bugs, don't worry. :-)

>
> Ok, I ended up finishing this up now, but I've not tested the results,
> the commit is:
>
> <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/commit/?h=pu/builtin-pie-bindnow&id=2facf7bb7f148672282e01ea86b4c10dff4d0ef2>

This may be a better option than appending -no-pie, but I have two concerns
which you may already have considered:

If we go the -specs way we may need to update the specs for newer GCC-s'
default specs/spec syntax, but detecting and supporting several GCC versions
from dpkg could be painful.

My other concern is that clang does not support GCC's spec files thus
disabling PIE would still be an open question for people performing
rebuilds with clang and packages building with clang. I know that the
default compiler is GCC, but recompiling packages with clang revealed some
interesting issues in the past thus I would not just ignore clang in this
case.

A non-technical but relevant fact is that I reserved my free time to work
on the PIE transition in August and September, but my next months will be
busier and I can't do many rebuilds and excessive triaging.

Cheers,
Balint

Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#835149; Package dpkg.
(Thu, 27 Oct 2016 13:42:02 GMT)
Acknowledgement sent
to balint@balintreczey.hu:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>.
(Thu, 27 Oct 2016 13:42:02 GMT)
Message #44 received at 835149@bugs.debian.org:
2016-10-26 17:21 GMT+02:00 Bálint Réczey <balint@balintreczey.hu>:
> Hi,
>
> 2016-10-26 5:41 GMT+02:00 Guillem Jover <guillem@debian.org>:
>> Hi!
>>
>> On Wed, 2016-10-26 at 05:08:52 +0200, Guillem Jover wrote:
>>> On Wed, 2016-09-07 at 00:48:17 +0200, Bálint Réczey wrote:
>>> > 2016-09-04 3:03 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
>>> > > Many packages fail to build due to gcc ... -shared -no-pie ... failing.
>>> > > I have reported the issue to GCC but they don't seem to fix that:
>>> > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77464
>>> > >
>>> > > The proposed workarounds don't seem to be viable in Debian thus I
>>> > > propose making the -pie dpkg hardening flag a noop instead of passing
>>> > > -no-pie and friends as compiler/ flags like in the proposed patch.
>>> > > This is not symmetric but consistent with Ubuntu's way of enabling PIE.
>>>
>>> Wow, that sucks, and we circle back at the situation of enabling PIE by
>>> default and shared libraries failing, but in the inverse. :)

One option would be setting CC to $(CC) -no-pie to work around GCC's
behavior, but I did not want to go this way since dpkg-buildflags did
not modify CC in the past.

From a pragmatic POV this would work for many of the affected packages and
would also work for clang.

Cheers,
Balint

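The thread wants PIE for executables on architectures of mixed word size and byte order while shared libraries keep linking with -shared, and an audit of rebuilt packages has to tell the two apart even though both are ET_DYN. The classifier below is an added example, not part of the bug log or of dpkg; its function names and sample images are constructed, and the PT_INTERP fallback is a heuristic assumption for linkers that do not set DF_1_PIE.

```python
import struct

ET_EXEC, ET_DYN = 2, 3                  # e_type values
PT_DYNAMIC, PT_INTERP = 2, 3            # p_type values
DT_NULL, DT_FLAGS_1 = 0, 0x6FFFFFFB     # d_tag values
DF_1_PIE = 0x08000000                   # DT_FLAGS_1 bit marking a PIE


def dt_flags_1(data, off, size, is64, end):
    """Return the DT_FLAGS_1 value from a dynamic segment, or 0 if absent."""
    fmt = end + ("QQ" if is64 else "II")
    step = struct.calcsize(fmt)
    for pos in range(off, off + size - step + 1, step):
        tag, val = struct.unpack_from(fmt, data, pos)
        if tag == DT_NULL:
            break
        if tag == DT_FLAGS_1:
            return val
    return 0


def classify_elf(data):
    """Return non-pie-executable, pie-executable, shared-object or other."""
    if len(data) < 52 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not a recognisable ELF image")
    is64 = data[4] == 2                         # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"          # EI_DATA: 1 = little, 2 = big endian
    try:
        (e_type,) = struct.unpack_from(end + "H", data, 16)
        if e_type == ET_EXEC:
            return "non-pie-executable"         # linked for a fixed load address
        if e_type != ET_DYN:
            return "other"                      # relocatable object, core file, ...
        (e_phoff,) = struct.unpack_from(end + ("Q" if is64 else "I"), data, 32 if is64 else 28)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54 if is64 else 42)
        has_interp, flags_1 = False, 0
        for i in range(e_phnum):
            off = e_phoff + i * e_phentsize
            if is64:
                p_type, _, p_offset, _, _, p_filesz = struct.unpack_from(end + "IIQQQQ", data, off)
            else:
                p_type, p_offset, _, _, p_filesz = struct.unpack_from(end + "IIIII", data, off)
            if p_type == PT_INTERP:
                has_interp = True
            elif p_type == PT_DYNAMIC:
                flags_1 = dt_flags_1(data, p_offset, p_filesz, is64, end)
    except struct.error as exc:
        raise ValueError("truncated ELF image") from exc
    # Shared libraries and PIE executables are both ET_DYN. DF_1_PIE is the
    # explicit marker; PT_INTERP is the fallback heuristic.
    if flags_1 & DF_1_PIE or has_interp:
        return "pie-executable"
    return "shared-object"


def build_sample(is64, end, e_type, interp=False, flags_1=None):
    """Constructed minimal ELF image: header, program headers, segment data."""
    ehsize, phentsize = (64, 56) if is64 else (52, 32)
    word = "Q" if is64 else "I"
    segs = []
    if interp:
        segs.append((PT_INTERP, b"/lib/ld.so\0"))
    if flags_1 is not None:
        segs.append((PT_DYNAMIC, struct.pack(end + word * 4, DT_FLAGS_1, flags_1, DT_NULL, 0)))
    ident = b"\x7fELF" + bytes([2 if is64 else 1, 1 if end == "<" else 2, 1]) + bytes(9)
    image = ident + struct.pack(end + "HHI" + word * 3 + "IHHHHHH", e_type, 0, 1, 0, ehsize,
                                0, 0, ehsize, phentsize, len(segs), 0, 0, 0)
    off = ehsize + phentsize * len(segs)
    body = b""
    for p_type, payload in segs:
        n = len(payload)
        if is64:
            image += struct.pack(end + "IIQQQQQQ", p_type, 4, off, 0, 0, n, n, 1)
        else:
            image += struct.pack(end + "IIIIIIII", p_type, off, 0, 0, n, n, 4, 1)
        off += n
        body += payload
    return image + body


def sample_images():
    """Constructed inputs; the file names are hypothetical."""
    return {
        "amd64/tool-nopie": build_sample(True, "<", ET_EXEC, interp=True),
        "amd64/tool-pie": build_sample(True, "<", ET_DYN, interp=True, flags_1=DF_1_PIE),
        "s390x/libdemo.so": build_sample(True, ">", ET_DYN, flags_1=0),
        "mips/tool-pie-old-ld": build_sample(False, ">", ET_DYN, interp=True),
    }


def missing_pie(images):
    """Names of images that are executables built without PIE."""
    return sorted(n for n, d in images.items() if classify_elf(d) == "non-pie-executable")


if __name__ == "__main__":
    for name, image in sorted(sample_images().items()):
        print(f"{name}: {classify_elf(image)}")
```
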
Message sent on
to Balint Reczey <balint@balintreczey.hu>:
Bug#835149.
(Sun, 06 Nov 2016 02:09:11 GMT)
Message #47 received at 835149-submitter@bugs.debian.org:
Control: tag 835149 pending

Hi!

Bug #835149 in package dpkg reported by you has been fixed in
the dpkg/dpkg.git Git repository. You can see the changelog below, and
you can check the diff of the fix at:

    https://anonscm.debian.org/cgit/dpkg/dpkg.git/diff/?id=1852648

---
commit 1852648603b1cc26ee4ce95a5173032445af4eb1
Author: Guillem Jover <guillem@debian.org>
Date:   Fri Oct 21 00:18:55 2016 +0200

    Dpkg::Vendor::Debian: Handle PIE enabled by default in gcc

    Add support for compiler built-in features, so that we do not set
    them when enabled and set negated flags when disabled.

    We use gcc spec files to set these flags so that we avoid any conflict
    with other incompatible flags that would make the build fail.

    Closes: #835149
    Based-on-patch-by: Bálint Réczey <balint@balintreczey.hu>

diff --git a/debian/changelog b/debian/changelog
index 1ecf178..92ba2aa 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -69,6 +69,11 @@ dpkg (1.18.11) UNRELEASED; urgency=medium
* Enable dpkg-buildpackage -Jauto by default. Closes: #842845
* Fix dpkg to not fail when removing non-existent backup files on read-only
filesystems. Closes: #838877
+ * Handle PIE enabled by default in gcc. On achitectures where gcc enables
+ them by default, stop setting -fPIE and -pie, and set -fno-PIE and
+ -no-pie when disabling «pie» via gcc specs files, so that we do not
+ emit them on situations where it would be inappropriate. Closes: #835149
+ Based on a patch by Bálint Réczey <balint@balintreczey.hu>.
* Architecture support:
- Add support for AIX operating system.
- Add a version pseudo-field to the arch tables.
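Review bot: the added changelog entry misspells "architectures" as "achitectures", and "where gcc enables them by default" has no plural antecedent because only PIE has been named, so "enables it by default" reads correctly. The same sentence leaves it unclear whether "via gcc specs files" covers both dropping -fPIE/-pie and setting -fno-PIE/-no-pie or only the latter; the commit message says spec files are used to set these flags, so saying that once at the start of the entry would remove the ambiguity. The entry also gives no hint of which architectures are affected or where that list is kept, which a maintainer reading only the changelog would want to know.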
Added tag(s) pending.
Request was from Guillem Jover <guillem@debian.org>
to 835149-submitter@bugs.debian.org.
(Sun, 06 Nov 2016 02:09:11 GMT)
Reply sent
to Guillem Jover <guillem@debian.org>:
You have taken responsibility.
(Sun, 06 Nov 2016 03:36:11 GMT)
Notification sent
to Balint Reczey <balint@balintreczey.hu>:
Bug acknowledged by developer.
(Sun, 06 Nov 2016 03:36:11 GMT)
Message #54 received at 835149-close@bugs.debian.org:
Source: dpkg
Source-Version: 1.18.11
We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 835149@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Guillem Jover <guillem@debian.org> (supplier of updated dpkg package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sun, 06 Nov 2016 03:09:02 +0100
Source: dpkg
Binary: dpkg libdpkg-dev dpkg-dev libdpkg-perl dselect
Architecture: source
Version: 1.18.11
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
dpkg - Debian package management system
dpkg-dev - Debian package development tools
dselect - Debian package management front-end
libdpkg-dev - Debian package management static library
libdpkg-perl - Dpkg perl modules
Closes: 138409 787980 833964 834584 835149 838877 839905 840293 841117 842004 842187 842230 842845 843248
Changes:
dpkg (1.18.11) unstable; urgency=medium
.
[ Guillem Jover ]
* Make dpkg-maintscript-helper conffile commands more robust. Check that
conffile pathname arguments are absolute paths and verify version number
to be valid. Thanks to David Kalnischkies <david@kalnischkies.de>.
* Add support to dpkg-scanpackages for scanning a single binary file.
Thanks to Javier Serrano Polo <javier@jasp.net>. Closes: #833964
* Obsolete dpkg-deb bzip2 and lzma compression methods by emitting errors.
* Remove obsolete dpkg-deb --old and --new options.
* Remove obsolete dpkg --print-installation-architecture option.
* Fix dpkg error messages when parsing md5sum files to include the package
name affected.
* Do not emit epochs for unambiguous versions in deb-split package header.
Regression introduced in dpkg 1.18.0.
* Make the deb-split(5) generation in dpkg-split reproducible, by using the
timestamp from SOURCE_DATE_EPOCH.
* Generate reproducible file modes for the .deb control member contents.
Closes: #787980
* Switch from non-freeing malloc to m_malloc on statdb slurping.
* Switch from non-freeing malloc to m_malloc for invoke hooks.
* Always reset the package in-core database when shutting down the package
database journal.
* Do not crash if we pass a NULL cip argument to setaction() in libdpkg.
* Shutdown the package database journal in dpkg --get-selections.
* Fix (deactivated) dpkg --command-fd to initialize and reset the files
database on each action.
* Implement source stanza substvars prefixed with S: in dpkg-gencontrol.
These auto-generated variables map each source stanza field into an
output substvar prefixed with “S:”.
* Make dpkg-source generate reproducible source packages when run
standalone, by honoring SOURCE_DATE_EPOCH.
* Fix several short-lived memory leaks in update-alternatives.
Reported by Helmut Grohne <helmut@subdivi.de>.
* Only set the error context message in libdpkg if it has been formatted
correctly.
* Return error in error_context_errmsg_format() only if the error message
gets truncated. In case we have to use the emergency buffer because the
previous vasprintf() call failed, we should only return an error code if
the vsnprintf() call on the emergency buffer truncates the output.
* Fix free() on uninitialized pointer in error_context_errmsg_format() in
libdpkg. Regression introduced in dpkg 1.18.7. Closes: #842004
* Move C++ support code into its own file.
* Add replacement new and delete array operators to C++ support code.
* Implement local abi::__cxa_pure_virtual. When using g++ if we provide our
version of this function we can avoid the dependency on either libstdc++
or libsup++.
* Include missing <new> for new and delete operator declarations.
* Do not log nor print duplicate dpkg removal action. We print
“Removing <package> (<version>)” lines and log remove action twice
when purging a package from frontends, because they usually first call
--remove and then --purge sequentially. When purging a package which is
already in config-files (i.e. it has been removed before), do not print
nor log the remove action.
* Remove default «.» from @INC before loading perl modules in perl code.
Fixes CVE-2016-1238.
* Give more information on --set-selections warnings. Closes: #842230
* Add new DEB_*_ARCH_ABI and DEB_*_ARCH_LIBC variables to dpkg-architecture
and architecture.mk Makefile fragment.
* Do substvar instantiation just once in dpkg-gencontrol.
* Fix dpkg-gencontrol to not update the files list file (debian/files)
when printing to STDOUT (via -O).
* Do not add architectures to .changes Architecture field for artifacts
that are not a .deb or .udeb in dpkg-genchanges.
* Add support for .buildinfo files:
- Add new dpkg-genbuildinfo command.
- Hook it into the dpkg-buildpackage machinery.
Based on a patch by Jérémy Bobbio <lunar@debian.org>. Closes: #138409
* Enable dpkg-buildpackage -Jauto by default. Closes: #842845
* Fix dpkg to not fail when removing non-existent backup files on read-only
filesystems. Closes: #838877
* Handle PIE enabled by default in gcc. On architectures where gcc enables
them by default, stop setting -fPIE and -pie, and set -fno-PIE and
-no-pie when disabling «pie» via gcc specs files, so that we do not
emit them on situations where it would be inappropriate. Closes: #835149
Based on a patch by Bálint Réczey <balint@balintreczey.hu>.
* Architecture support:
- Add support for AIX operating system.
- Add a version pseudo-field to the arch tables.
- Internally represent Debian architectures as quadruplets.
* Portability:
- Cast off_t variables to intmax_t when printing them with "%jd".
- Add missing <string.h> include in libdpkg.
- Cast strlen() return value to ssize_t to match write() return type.
- Use underscore-prefixed system preprocessor symbols instead of namespace
polluting ones (such as “linux”, “OPENBSD” or “hpux”).
- Handle _POSIX_PRIORITY_SCHEDULING being defined to -1 or 0 in
start-stop-daemon. This affects Mac OS X.
- On FreeBSD return STATUS_UNKNOWN instead of false in start-stop-daemon
do_procinit().
- Port start-stop-daemon process handling to Mac OS X.
Based on a patch by Mo McRoberts <mo@nevali.net>.
- Port start-stop-daemon process handling to AIX.
- Fix lookup by name on update-alternatives --config. The code was wrong
and not working at least on Mac OS X, making the test suite to fail.
- Only use gzip --rsyncable in Dpkg::Compression on Debian and hopefully
derivatives, by using perl's $Config{cf_by} variable to key on. The
Debian-specific --rsyncable option should have never been accepted for
use in dpkg to begin with.
- Use our own dpkg_ar_hdr struct instead of relying on the system
ar_hdr struct, as the ar format is not standardized and does vary
across systems, for example on AIX.
- Add <sys/sysmacros.h> on AIX for major() and minor().
- Add missing <errno.h> in libcompat.
- Include libcompat getopt module when we need getopt_long.
- Disable gettext support in libcompat getopt module. We do not carry
translations for this module, and it makes it pull libintl for programs
that might not use it otherwise.
* Perl modules:
- Obsolete Source-Version substvar in Dpkg::Substvars by emitting errors.
- Rework keyring hooks in Dpkg::Vendor. Deprecate the keyrings hook, and
add package-keyrings, archive-keyrings and archive-keyrings-historic
hooks. Prompted by Johannes Schauer <josch@debian.org>.
- Make the Dpkg::Substvars parse() method return the number of substvars
parsed.
- Add new set_field_substvars() method to Dpkg::Substvars.
- Fix reproducible source package support in Dpkg::Source::Archive, by
sorting the tar contents with --sort=name.
- Prefix private Dpkg::Source::Package::* functions with _.
- Defer filehandle closures in Dpkg::IPC::spawn() to avoid double-close.
Closes: #839905, #840293
- Always map the build type to the shortest string form in
Dpkg::Build::Type::get_build_options_from_type().
- Change Dpkg::Compression::FileHandle to inherit directly from IO::File
instead of FileHandle.
- Add new Dpkg::PROGTAR variable to store GNU tar command name.
- Add new Dpkg::PROGMAKE variable to store GNU make command name.
- Add new CTRL_FILE_BUILDINFO type to Dpkg::Control.
- Add new .buildinfo fields to Dpkg::Control::Fields.
- Add new builtin-system-build-paths Dpkg::Vendor hook.
- Cope gracefully with changelogs missing a timestamp trailer.
Based on a patch by Ian Jackson <ijackson@chiark.greenend.org.uk>.
Regression introduced in dpkg 1.18.8. Closes: #843248
* Packaging:
- Add liblocale-gettext-perl to libdpkg-perl Recommends.
- Wrap and document dependency relationships.
- Remove obsolete dependency relationships, since Debian oldstable.
- Remove update-alternatives, dpkg-divert and dpkg-statoverride
compatibility symlinks, again.
- Use perl:Depends via dh_perl instead of a hardcoded perl in Depends.
- Add perl:Depends to dpkg-dev Depends.
- Remove unused dh_strip from binary_indep target.
- Remove ancient upgrade code from maintainer scripts (before 1.15.x).
- Stop compressing the dpkg.deb package with gzip.
- Move dpkg to be the first binary package stanza in debian/control, as
debhelper assigns special meaning by considering it the main package.
- Set MAKEFLAGS to -jN from parallel=N in DEB_BUILD_OPTIONS.
* Documentation:
- Update custom changelog parser API support status in README.api.
- Fix typos in docs and man pages. Thanks to Jakub Wilk <jwilk@debian.org>
Closes: #834584
- Fix formatting in SOURCE_DATE_EPOCH description in dpkg-deb(5).
- Improve dpkg-deb --build arguments documentation in dpkg-deb(1).
Prompted by Johannes Schauer <josch@debian.org>.
- Document the .changes filename that dpkg-buildpackage generates in
dpkg-buildpackage(1). Prompted by Johannes Schauer <josch@debian.org>.
- Add basic maintainer script man pages: deb-postinst(5), deb-postrm(5),
deb-preinst(5) and deb-prerm(5).
- Add new deb-src-files(5) man page.
Prompted by Johannes Schauer <josch@debian.org>.
- Add man page references to other binary control files in dpkg(1).
- Add version when "new" substvars were introduced in deb-substvars(5).
- Switch deb-triggers(5) types into a proper list.
- Itemize --log format entries in dpkg(1).
- Turn the update-alternatives(1) --query example item into a sub-section.
- Turn the Multi-Arch values into a list in deb-control(5).
- Improve user-defined field export marker documentation in
deb-src-control(5); clarify that X can be followed by zero or more
(instead of one or more) letters and turn the items into a proper list.
- Generate the man pages at build time. This makes it possible to process
them and update several variable strings such as system and package
pathnames, the release date and the dpkg suite version. And makes it
possible to use UTF-8 in the source and convert to the more conservative
groff escape sequences on the output.
- Switch from groff escape sequences to UTF-8 in man pages sources.
- Disable hyphenation in man pages globally, because it performs very
poorly on many technical terms.
- Append the German man pages addendum at the end of the translation,
instead of assuming that every page has the SEE ALSO section.
- Explicitly mention that Dpkg::Checksums::add_from_file() is used to
verify digests too. Prompted by Johannes Schauer <josch@debian.org>.
- Document the behavior for consecutive calls to Dpkg perl module parse()
methods. Prompted by Johannes Schauer <josch@debian.org>.
- Document obsolete functions in Dpkg::Conf.
* Test suite:
- Make test main function a TEST_ENTRY macro. This avoids confusing
coverage programs, as the file that actually contains the main function
is the test itself.
- Rename test suite commands to be prefixed with «c-» instead of «t-».
- Add new dpkg-source functional tests.
- Add new dpkg-buildpackage functional tests.
- Add an initial functional test suite for dpkg-deb and dpkg-split.
- Skip the involved tests if IO::String is missing.
- Add new unit test for libdpkg error handling.
- Delete MAKEFLAGS environment variable when testing make invocations.
- Pass -q to grep command to suppress matched output in pod-coverage.t.
- Ignore POD coverage for partially private modules.
* Build system:
- Add support for profiling perl modules.
- Clean up compiler and linker automatic flag usage in configure.
- Fix the __progname check to avoid the optimizer discarding the symbol.
- Fix M4sh/Autoconf coding style. Add a new section to coding-style.txt
describing M4sh/Autoconf.
- Disable C++ exceptions for dselect.
- Fix typo in SE Linux library detection code, only affecting static
mode (not used in Debian). Regression introduced in dpkg 1.18.8.
- Change --with-* option logic to default to check.
- Disable -Wtautological-constant-out-of-range-compare (for clang).
- Check the availability of -W<warning> variant instead of -Wno-<warning>.
As at least gcc and clang do not warn on -Wno-* warning flags, only
when some unrelated warning needs to be emitted.
- Bump po4a version to 0.43 (we are using --porefs wrap option).
- Add support for running the test suite in parallel.
- Specify exec argument for TAP::Harness to gracefully handle non-perl
executables with older versions of the module.
- Require libselinux 2.0.99 for baseline API, remove static linking
support, use pkg-config unconditionally, and perform refinement checks
only if available.
- Check for the required minimal perl version.
- Use builddir instead of CURDIR in man Makefile.am.
- Use cp with -R instead of -r (the former is more portable and not
marked as deprecated by POSIX).
- Print an actual newline instead of a literal \n in lcov output.
- Do not honor DPKG_DATADIR on the installed Dpkg module.
- Pass --as-needed to the linker for dselect to avoid libstdc++ dependency.
Which makes dselect the only front-end not pulling the C++ run-time.
.
[ Updated programs translations ]
* Dutch (Frans Spiesschaert). Closes: #841117
* German (Sven Joachim).
.
[ Updated scripts translations ]
* German (Helge Kreutzmann).
.
[ Updated man pages translations ]
* Dutch (Frans Spiesschaert). Closes: #842187
* German (Helge Kreutzmann).
Checksums-Sha1:
c0006dfb6ea551f7fee12cf5c861e34e1ac3c40f 2000 dpkg_1.18.11.dsc
1e339b1b5a61d6fc0867c457ebda84bb11d6a8b6 4467908 dpkg_1.18.11.tar.xz
Checksums-Sha256:
bed73d87abe1d49487b63697cbccd040a70876c31d31e3cb51530261ba37a6a3 2000 dpkg_1.18.11.dsc
06df357a9bcc30f84c070fc8a50523ec7197a1ddec44300cf1072fabcaa4156b 4467908 dpkg_1.18.11.tar.xz
Files:
b52c36de9ef0f54a52c5bc77f43e12e4 2000 admin required dpkg_1.18.11.dsc
913b26386a4afdee1d54a490c73b09ee 4467908 admin required dpkg_1.18.11.tar.xz
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 05 Dec 2016 09:35:23 GMT).
Bug unarchived.
Request was from Don Armstrong <don@debian.org>
to control@bugs.debian.org.
(Wed, 07 Dec 2016 01:53:48 GMT).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Fri, 27 Jan 2017 09:45:26 GMT).