Bug 30920 - FORTIFY_SOURCE=3 should be enabled in default compiler flags for Mageia 10
Summary: FORTIFY_SOURCE=3 should be enabled in default compiler flags for Mageia 10
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: Mageia 10
Assignee: Base system maintainers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-09-30 22:41 CEST by David Walser
Modified: 2022-10-01 20:47 CEST (History)
0 users

See Also:
Source RPM: rpm-mageia-setup-2.67-1.mga9.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2022-09-30 22:41:38 CEST
I noticed this in the RHEL 8.7 beta release notes:
"GCC 12 and later supports _FORTIFY_SOURCE level 3 (rhbz#2033684)"

And Pascal found this link, describing the benefits and implications:
https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level

Our default fortify cflags are set in /usr/lib/rpm/mageia/macros in rpm-mageia-setup:
%_fortify_cflags -Wp,-D_FORTIFY_SOURCE=2

After Cauldron opens for Mageia 10 development, we should set the value to 3.
Comment 1 David Walser 2022-09-30 22:42:05 CEST
"Mageia 10" target not yet available in Bugzilla, but will set that when it is.
Thomas Backlund 2022-09-30 22:46:29 CEST

Target Milestone: --- => Mageia 10

Comment 2 Lewis Smith 2022-10-01 20:47:00 CEST
Hoping base system is the best place to lodge this, as Thomas has already commented it.

Assignee: bugsquad => basesystem


Note You need to log in before you can comment on or make changes to this bug.