This package provides an ELF executable that was not compiled as a position independent executable (PIE). In Debian, since version 6.2.0-7 of the gcc-6 package GCC will compile ELF binaries with PIE by default. In most cases a simple rebuild will be sufficient to remove this tag. PIE is required for fully enabling Address Space Layout Randomization (ASLR), which makes "Return-oriented" attacks more difficult. Historically, PIE has been associated with noticeable performance overhead on i386. However, GCC >= 5 has implemented an optimization that can reduce the overhead significantly. If you use dpkg-buildflags with hardening=+all,-pie in DEB_BUILD_MAINT_OPTIONS, remove the -pie. Refer to https://wiki.debian.org/Hardening, https://gcc.gnu.org/gcc-5/changes.html, and https://software.intel.com/en-us/blogs/2014/12/26/new-optimizations-for-x86-in-upcoming-gcc-50-32bit-pic-mode for details. Severity: warning Check: binaries
This package provides an ELF binary that lacks the "read-only relocation" link flag. This package was likely not built with the default Debian compiler flags defined by dpkg-buildflags. If built using dpkg-buildflags directly, be sure to import LDFLAGS. Refer to https://wiki.debian.org/Hardening for details. Severity: warning Check: binaries
The "Section:" field in this package's control file is not one of the sections in use on the ftp archive. Valid sections are currently admin, comm, cli-mono, database, debug, devel, doc, editors, electronics, embedded, fonts, games, gnome, gnu-r, gnustep, graphics, hamradio, haskell, httpd, interpreters, java, javascript, kde, libdevel, libs, lisp, localization, kernel, mail, math, misc, net, news, ocaml, oldlibs, otherosfs, perl, php, python, ruby, rust, science, shells, sound, tex, text, utils, vcs, video, web, x11, xfce, zope. The section name should be preceded by "non-free/" if the package is in the non-free archive area, and by "contrib/" if the package is in the contrib archive area. Refer to Debian Policy Manual section 2.4 (Sections) for details. Severity: warning Check: fields/section
This package provides an ELF binary that lacks the "bindnow" linker flag. This is needed (together with "relro") to make the "Global Offset Table" (GOT) fully read-only. The bindnow feature trades startup time for improved security. Please consider enabling this feature or consider overriding the tag (possibly with a comment about why). If you use dpkg-buildflags, you may have to add hardening=+bindnow or hardening=+all to DEB_BUILD_MAINT_OPTIONS. The relevant compiler flags are set in LDFLAGS. Refer to https://wiki.debian.org/Hardening for details. Severity: info Check: binaries
This package provides an ELF binary that lacks the use of fortified libc functions. Either there are no potentially unfortified functions called by any routines, all unfortified calls have already been fully validated at compile-time, or the package was not built with the default Debian compiler flags defined by dpkg-buildflags. If built using dpkg-buildflags directly, be sure to import CPPFLAGS. NB: Due to false-positives, Lintian ignores some unprotected functions (e.g. memcpy). Refer to https://wiki.debian.org/Hardening and Bug#673112 for details. Severity: info Check: binaries
The maintainer scripts of the package contain one or more auto-generated shell snippets inserted by the listed debhelper tool. Severity: classification Check: maintainer-scripts/generated This tag is a classification. There is no issue in your package.
The package does not rely on any maintainer scripts (or other executable control files). Severity: classification Check: control-files This tag is a classification. There is no issue in your package.
Lintian run for ksensors-trinity package.
|
Name
|
|
|
|---|---|---|
| Package upload | ksensors-trinity_4:14.2.0~pre33-0raspbian11.0.0+7 |
|
| System tar | system.tar.xz |
|
| Source package | ksensors-trinity_4:14.2.0~pre33-0raspbian11.0.0+7 |
|
|
Name
|
|
|
|---|---|---|
| Lintian report | lintian: ksensors-trinity, ksensors-trinity-dbgsym | |
| Debug log | debusine:work-request-debug-logs |
Work requests that must be completed before this one can run.
| 261139 | 1 day, 3 hours | Worker | sbuild: ksensors-trinity_4:14.2.0~pre33-0raspbian11.0.0+7 (armhf) | Completed | Success |
This work request is not required by any other one.
Internal collection: workflow-261030
backend: unshare build_architecture: armhf environment: debian/match:codename=raspbian-bullseye exclude_tags: [] fail_on_severity: error include_tags: [] input: binary_artifacts: - internal@collections/name:build-armhf source_artifact: 819014@artifacts output: binary_all_analysis: false source_analysis: false target_distribution: debian:raspbian-bullseye
backend: unshare build_architecture: armhf environment: debian/match:codename=raspbian-bullseye exclude_tags: [] fail_on_severity: error include_tags: [] input: binary_artifacts: - internal@collections/name:build-armhf source_artifact: 819014@artifacts output: binary_all_analysis: false source_analysis: false target_distribution: debian:raspbian-bullseye task_configuration: 1021
provided: - task:group:debusine::Admins - task:group:debusine::TDE-Owners - task:scope:debusine - task:source-package:ksensors-trinity - task:workspace:debusine:trinity-testing required: - worker:executor:unshare - worker:task:worker:lintian:version:1 - worker:type:external
configuration_context: bullseye environment_id: 27490 input_binary_artifacts_ids: - 829576 input_source_artifact_id: 819014 parameter_summary: ksensors-trinity_4:14.2.0~pre33-0raspbian11.0.0+7 runtime_context: binary-any:bullseye subject: ksensors-trinity
{ "step": "lintian-armhf", "display_name": "Lintian for armhf" }
{ "on_success": [ { "action": "update-collection-with-artifacts", "variables": null, "collection": "internal@collections", "name_template": "lintian-armhf", "artifact_filters": { "category": "debian:lintian" } } ] }
{ "runtime_statistics": { "memory": 2467155968, "cpu_time": 509, "duration": 241, "cpu_count": 12, "disk_space": 3518791680, "available_memory": 16606613504, "available_disk_space": 11976994816 } }