1 |
Hello Hardened users, this is just a quick heads up. GCC 4.3.4 will be going |
2 |
stable on hardened profiles shortly. Unlike Hardened GCC 3.4.6, this version |
3 |
lacks default SSP building. However, FORTIFY_SOURCE=2 |
4 |
and -fno-strict-overflow are now enabled by default. Other Hardened compiler |
5 |
features (ex. default relro, bind now & pic/pie building) remain enabled - no |
6 |
change from 3.4.6. |
7 |
|
8 |
It is regretable this must be done before GCC4 is SSP-by-default enabled. |
9 |
However, more and more packages require the newer GCC. The stable GCC on |
10 |
Hardened has been GCC 3.4.6 for a long time, but this has become an untenable |
11 |
situation. GCC4 SSP-by-default works and will be added in a later revision - |
12 |
some GCC4+SSP bugs in grub and glibc also remain to be fixed. |
13 |
|
14 |
Please follow '2. General Upgrade Instructions' in the 'Gentoo GCC Upgrade |
15 |
Guide' [1] when upgrading from GCC 3.4.x to GCC 4.3.x. The upgrade should be |
16 |
relatively smooth, but if you run into upgrade troubles seek help via this |
17 |
mailing list, bugs.gentoo.org, or irc.freenode.net, #gentoo-hardened. |
18 |
|
19 |
[1] http://www.gentoo.org/doc/en/gcc-upgrading.xml |
20 |
|
21 |
Sincerely, |
22 |
Gordon Malm (gengor) |