I still see this issue from lintian:
I: libcontent-hub0: hardening-no-fortify-functions usr/lib/x86_64-linux-gnu/libcontent-hub.so.0.2.0
However, as discussed the -D_FORTIFY_SOURCE=2 option is properly passed at build time, and we no longer have the lintian warning about bindnow, which seems to indicate that hardening options are correctly being passed.
Please file a bug about this and seek help from the Security Team to figure out why this is either a false-positive or otherwise broken (could it be because cmake is doing something special?).
In the meantime, I believe it is fine to accept the MIR despite this issue, as it *is* being worked on and the package looks fine otherwise.
I still see this issue from lintian: no-fortify- functions usr/lib/ x86_64- linux-gnu/ libcontent- hub.so. 0.2.0
I: libcontent-hub0: hardening-
However, as discussed the -D_FORTIFY_SOURCE=2 option is properly passed at build time, and we no longer have the lintian warning about bindnow, which seems to indicate that hardening options are correctly being passed.
Please file a bug about this and seek help from the Security Team to figure out why this is either a false-positive or otherwise broken (could it be because cmake is doing something special?).
In the meantime, I believe it is fine to accept the MIR despite this issue, as it *is* being worked on and the package looks fine otherwise.