Sync architecture specific hardening support with dpkg 1.17.1.

diff --git a/bin/blhc b/bin/blhc
index e2658ae9f329f96959ef5b229d8035a6fa1f5172..b5177bdda7b88e6a452c57c93f091318c5d4301d 100755 (executable)
--- a/bin/blhc
+++ b/bin/blhc
@@ -920,7 +920,7 @@ foreach my $file (@ARGV) {
 
     # Option or auto detected.
     if ($arch) {
-        # The following was partially copied from dpkg-dev 1.16.4.3
+        # The following was partially copied from dpkg-dev 1.17.1
         # (/usr/share/perl5/Dpkg/Vendor/Debian.pm, add_hardening_flags()),
         # copyright Raphaël Hertzog <hertzog@debian.org>, Kees Cook
         # <kees@debian.org>, Canonical, Ltd. licensed under GPL version 2 or
@@ -930,7 +930,12 @@ foreach my $file (@ARGV) {
         my ($abi, $os, $cpu) = Dpkg::Arch::debarch_to_debtriplet($arch);
 
         # Disable unsupported hardening options.
-        if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa)$/ or $arch eq 'arm') {
+        if ($os !~ /^(?:linux|knetbsd|hurd)$/ or
+                $cpu =~ /^(?:hppa|mips|mipsel|avr32)$/) {
+            $harden_pie = 0;
+        }
+        if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa|arm64)$/
+                or $arch eq 'arm') {
             $harden_stack = 0;
         }
         if ($cpu =~ /^(?:ia64|hppa|avr32)$/) {