NEWS
====
-Version 0.XX
+Version 0.09
+------------
+
+- Detect restore of -D_FORTIFY_SOURCE=2 after it was overwritten by
+ -D_FORTIFY_SOURCE=0 or 1 or -U_FORTIFY_SOURCE; reported by Mike Hommey
+ (Debian bug #898332).
+- Detect overwrite of -fstack-protector options with -fno-stack-protector
+ (same for -fstack-protector-all and -fstack-protector-strong).
+- Don't treat hexdumps which contain "cc" as compiler lines; reported by Kurt
+ Roeckx (Debian bug #899137).
+
+
+Version 0.08
------------
- Support new dpkg versions which replaced Dpkg::Arch's debarch_to_debtriplet
in non-verbose-build detection, reported by Boud Roukema and Nico Schlömer
(Debian Bug #853265).
- Add better support for Fortran (c.f. Debian Bug #853265).
+- Don't report missing PIE flags in buildd mode if GCC defaults to PIE (c.f.
+ Debian Bug 845339).
+- Add new --debian option to handle PIE flags like buildd mode, thanks to
+ Eriberto Mota for the suggestion. This is not enabled per default to prevent
+ false negatives as the flags are missing from the build log and blhc can't
+ detect if the compiler applied PIE internally (c.f. Debian Bug 845339).
+- Add --line-numbers command line option
+- Sync architecture specific hardening support with dpkg 1.19.0.5.
+- Use proper look back for non-verbose detection if DEB_BUILD_OPTIONS=parallel
+ is present. Previously it was too small causing false-positives if the
+ option was detected.
Version 0.07
ruderich.org/simon / blhc / blhc.git / blobdiff