From owner-freebsd-ports@FreeBSD.ORG Mon Nov 3 18:28:56 2014 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 71BA8298 for ; Mon, 3 Nov 2014 18:28:56 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3E5A07EC for ; Mon, 3 Nov 2014 18:28:56 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id sA3ISuK3018099 for ; Mon, 3 Nov 2014 18:28:56 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id sA3IStHK018098 for freebsd-ports@FreeBSD.org; Mon, 3 Nov 2014 18:28:55 GMT (envelope-from bdrewery) Received: (qmail 76550 invoked from network); 3 Nov 2014 12:28:53 -0600 Received: from unknown (HELO blah) (freebsd@shatow.net@129.253.54.225) by sweb.xzibition.com with ESMTPA; 3 Nov 2014 12:28:53 -0600 Message-ID: <5457C964.4070207@FreeBSD.org> Date: Mon, 03 Nov 2014 12:28:52 -0600 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 MIME-Version: 1.0 To: olli hauer Subject: Re: SSP now default for ports/packages, ssp/new_xorg repository EOL References: <54568DA2.6030309@FreeBSD.org> <5456A556.9020400@gmx.de> In-Reply-To: <5456A556.9020400@gmx.de> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ports@FreeBSD.org X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Nov 2014 18:28:56 -0000 On 11/2/14 3:42 PM, olli hauer wrote: > On 2014-11-02 21:01, Bryan Drewery wrote: >> Ports and Package users, >> >> Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. >> >> This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses. >> >> WITHOUT_SSP can be defined in make.conf to not use this feature. >> >> SSP will be used to build ports (with -fstack-protector) on all amd64 releases and i386 releases which are 10.0 or newer. >> >> The "ssp" repository and "new_xorg" repositories will no longer be updated after 11/15 as they are no longer needed as both are default for ports now. Please update your repository configurations to now only track the /latest repository. This is the default from /etc/pkg/FreeBSD.conf. Remove any overrides from /usr/local/etc/pkg/repos/ for the "ssp" or "new_xorg" repositories. >> >> Regards, >> Bryan Drewery on behalf of portmgr > > > Hi Bryan, > > thats good notes, but how about users tracking ssp and changing the repo or upgrading to 10.1 if released? > I suspect packages will be replaced during 10.1 upgrade with NON_SSP packages since the tree was tagged already yesterday by babt. > > -- > olli > Yes, those won't have SSP, but as soon as you upgrade the packages they will be SSP enabled. It's a bit odd. -- Regards, Bryan Drewery