Diffstat (limited to 'tags/h/hardening-no-fortify-functions.tag')
-rw-r--r-- tags/h/hardening-no-fortify-functions.tag 13
1 files changed, 13 insertions, 0 deletions
diff --git a/tags/h/hardening-no-fortify-functions.tag b/tags/h/hardening-no-fortify-functions.tag
new file mode 100644
index 0000000..63833f0
--- /dev/null
+++ b/tags/h/hardening-no-fortify-functions.tag
@@ -0,0 +1,13 @@
+Tag: hardening-no-fortify-functions
+Severity: info
+Check: binaries/hardening
+Explanation: This package provides an ELF binary that lacks the use of fortified
+ libc functions. Either there are no potentially unfortified functions
+ called by any routines, all unfortified calls have already been fully
+ validated at compile-time, or the package was not built with the default
+ Debian compiler flags defined by <code>dpkg-buildflags</code>. If built using
+ <code>dpkg-buildflags</code> directly, be sure to import <code>CPPFLAGS</code>.
+ .
+ NB: Due to false-positives, Lintian ignores some unprotected functions
+ (e.g. memcpy).
+See-Also: https://wiki.debian.org/Hardening, Bug#673112
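Review bot: The last sentence of the first Explanation paragraph ("be sure to import CPPFLAGS") gives the instruction without the reason, so a maintainer cannot tell from the tag text why CPPFLAGS in particular matters. Suggest saying that the fortification option is passed as a preprocessor flag, so a build that picks up only the compiler and linker flags from dpkg-buildflags ends up unfortified. The opening sentence lists three possible causes with the only actionable one (default flags not applied) last; putting it first would help, since the other two need no action. The NB says Lintian ignores "some unprotected functions (e.g. memcpy)" without naming where that list is kept, and "Bug#673112" in See-Also gives no hint of what the bug covers; a short pointer for each would make the tag self-explanatory.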