Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 03 Nov 2014 12:28:52 -0600
From:      Bryan Drewery <bdrewery@FreeBSD.org>
To:        olli hauer <ohauer@gmx.de>
Cc:        freebsd-ports@FreeBSD.org
Subject:   Re: SSP now default for ports/packages, ssp/new_xorg repository EOL
Message-ID:  <5457C964.4070207@FreeBSD.org>
In-Reply-To: <5456A556.9020400@gmx.de>
References:  <54568DA2.6030309@FreeBSD.org> <5456A556.9020400@gmx.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 11/2/14 3:42 PM, olli hauer wrote:
> On 2014-11-02 21:01, Bryan Drewery wrote:
>> Ports and Package users,
>>
>> Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection.
>>
>> This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.
>>
>> WITHOUT_SSP can be defined in make.conf to not use this feature.
>>
>> SSP will be used to build ports (with -fstack-protector) on all amd64 releases and i386 releases which are 10.0 or newer.
>>
>> The "ssp" repository and "new_xorg" repositories will no longer be updated after 11/15 as they are no longer needed as both are default for ports now. Please update your repository configurations to now only track the /latest repository. This is the default from /etc/pkg/FreeBSD.conf. Remove any overrides from /usr/local/etc/pkg/repos/ for the "ssp" or "new_xorg" repositories.
>>
>> Regards,
>> Bryan Drewery on behalf of portmgr
>
>
> Hi Bryan,
>
> thats good notes, but how about users tracking ssp and changing the repo or upgrading to 10.1 if released?
> I suspect packages will be replaced during 10.1 upgrade with NON_SSP packages since the tree was tagged already yesterday by babt.
>
> --
> olli
>

Yes, those won't have SSP, but as soon as you upgrade the packages they 
will be SSP enabled. It's a bit odd.

-- 
Regards,
Bryan Drewery

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5457C964.4070207>