gnupg-1.4.9 fails checks in new distribution

Klaus Singvogel kssingvo at
Wed Dec 17 21:13:09 CET 2008

Werner Koch wrote:
> Why are you using these extra options:
>   -D_FORTIFY_SOURCE=2 -fstack-protector \
>      -funwind-tables -fasynchronous-unwind-tables

They were introduced through use of "$RPM_OPT_FLAGS" in the
specfile. The intention is to make code more robust against
attacks, and therefore the security team of SUSE set them
in the global rpm macros file.

> did you used them also on the old system?  The problem is probably due
> to _FORTIFY_SOURCE=2; youu need to debug that.

I'm sure about to use options "-D_FORTIFY_SOURCE=2 -fstack-protector",
but unsure about the other two on older systems.

I think David Shaw already explained, that the issues don't occur
anymore, when using "-O1" instead of "-O2" for comilation of

I changed it as suggested (only compiled rijndael.o), and the issues
were really gone. I therefore filed a new bugzilla entry against gcc:

The bad news is, that profiling the code is no longer possible, when
mixing "-O1" with "-O2" object files. But hopefully the compiler
specialists can find the cause and fix it.


Best regards,
Klaus Singvogel  -  Maxfeldstr. 5  -  90409 Nuernberg  -  Germany
Phone: +49-911-74053-0
GnuPG-Key-ID: 1024R/5068792D  1994-06-27
SUSE LINUX Products GmbH,  GF: Markus Rex,  HRB 16746 (AG Nuernberg)

More information about the Gnupg-devel mailing list