List Archive: gentoo-hardened
Gordon Malm wrote:
> Hello Hardened users, this is just a quick heads up. GCC 4.3.4 will be going
> stable on hardened profiles shortly. Unlike Hardened GCC 3.4.6, this version
> lacks default SSP building. However, FORTIFY_SOURCE=2
> and -fno-strict-overflow are now enabled by default. Other Hardened compiler
> features (ex. default relro, bind now & pic/pie building) remain enabled - no
> change from 3.4.6.
>
> It is regrettable this must be done before GCC4 is SSP-by-default enabled.
> However, more and more packages require the newer GCC. The stable GCC on
> Hardened has been GCC 3.4.6 for a long time, but this has become an untenable
> situation. GCC4 SSP-by-default works and will be added in a later revision -
> some GCC4+SSP bugs in grub and glibc also remain to be fixed.
>
>
Anyone got any empirical reports on upgrading a uclibc hardened system?
Lack of TLS in uclibc appears to be a potential issue?
Natanael Copa has previously reported very widespread success using gcc
4.4.1 + uclibc with apparently fairly minimal additional patches?
I guess gcc 4.4 isn't yet stable on any profiles, but does gcc4.4 buy
us anything generally in terms of getting hardened+ssp stable?
Cheers
Ed W