Version 0.XX
------------
+- Sync architecture specific hardening support with dpkg 1.19.5.
+
+
+Version 0.09
+------------
+
+- Detect restore of -D_FORTIFY_SOURCE=2 after it was overwritten by
+ -D_FORTIFY_SOURCE=0 or 1 or -U_FORTIFY_SOURCE; reported by Mike Hommey
+ (Debian bug #898332).
+- Detect overwrite of -fstack-protector options with -fno-stack-protector
+ (same for -fstack-protector-all and -fstack-protector-strong).
+- Don't treat hexdumps which contain "cc" as compiler lines; reported by Kurt
+ Roeckx (Debian bug #899137).
+
+
+Version 0.08
+------------
+
- Support new dpkg versions which replaced Dpkg::Arch's debarch_to_debtriplet
with debarch_to_debtuple (Debian Bug #844393), reported by Johannes Schauer.
- Support Open MPI mpicc/mpicxx compiler wrappers to prevent false positives
Eriberto Mota for the suggestion. This is not enabled per default to prevent
false negatives as the flags are missing from the build log and blhc can't
detect if the compiler applied PIE internally (c.f. Debian Bug 845339).
+- Add --line-numbers command line option
+- Sync architecture specific hardening support with dpkg 1.19.0.5.
+- Use proper look back for non-verbose detection if DEB_BUILD_OPTIONS=parallel
+ is present. Previously it was too small causing false-positives if the
+ option was detected.
Version 0.07
ruderich.org/simon / blhc / blhc.git / blobdiff