X-Git-Url: https://ruderich.org/simon/gitweb/?p=blhc%2Fblhc.git;a=blobdiff_plain;f=NEWS;h=47d3327503e2e18ab1a80314c39ed6e9ef6031ed;hp=8f6731cbc8e7f5e4bef2931e4ad43357ae5c319d;hb=c00a6af3163584d9bbe5f0742f9ed001c202e564;hpb=766ce7c378d81e02b6cf993ba5c39f8729daf43a diff --git a/NEWS b/NEWS index 8f6731c..47d3327 100644 --- a/NEWS +++ b/NEWS @@ -4,7 +4,43 @@ NEWS Version 0.XX ------------ +- Detect restore of -D_FORTIFY_SOURCE=2 after it was overwritten by + -D_FORTIFY_SOURCE=0 or 1 or -U_FORTIFY_SOURCE; reported by Mike Hommey + (Debian bug #898332). +- Detect overwrite of -fstack-protector options with -fno-stack-protector + (same for -fstack-protector-all and -fstack-protector-strong). + + +Version 0.08 +------------ + +- Support new dpkg versions which replaced Dpkg::Arch's debarch_to_debtriplet + with debarch_to_debtuple (Debian Bug #844393), reported by Johannes Schauer. +- Support Open MPI mpicc/mpicxx compiler wrappers to prevent false positives + in non-verbose-build detection, reported by Boud Roukema and Nico Schlömer + (Debian Bug #853265). +- Add better support for Fortran (c.f. Debian Bug #853265). +- Don't report missing PIE flags in buildd mode if GCC defaults to PIE (c.f. + Debian Bug 845339). +- Add new --debian option to handle PIE flags like buildd mode, thanks to + Eriberto Mota for the suggestion. This is not enabled per default to prevent + false negatives as the flags are missing from the build log and blhc can't + detect if the compiler applied PIE internally (c.f. Debian Bug 845339). +- Add --line-numbers command line option +- Sync architecture specific hardening support with dpkg 1.19.0.5. +- Use proper look back for non-verbose detection if DEB_BUILD_OPTIONS=parallel + is present. Previously it was too small causing false-positives if the + option was detected. + + +Version 0.07 +------------ + - Sync architecture specific hardening support with dpkg 1.18.10. +- Fix false positive in "gcc > file" (Debian Bug #828789), reported by Mathieu + Parent. +- Fix another Ada false positive for format flags (Debian Bug #833939), + reported by Nicolas Boulenguez. Version 0.06