| 1 |
Hello Hardened users, this is just a quick heads up. GCC 4.3.4 will be going |
| 2 |
stable on hardened profiles shortly. Unlike Hardened GCC 3.4.6, this version |
| 3 |
lacks default SSP building. However, FORTIFY_SOURCE=2 |
| 4 |
and -fno-strict-overflow are now enabled by default. Other Hardened compiler |
| 5 |
features (ex. default relro, bind now & pic/pie building) remain enabled - no |
| 6 |
change from 3.4.6. |
| 7 |
|
| 8 |
It is regretable this must be done before GCC4 is SSP-by-default enabled. |
| 9 |
However, more and more packages require the newer GCC. The stable GCC on |
| 10 |
Hardened has been GCC 3.4.6 for a long time, but this has become an untenable |
| 11 |
situation. GCC4 SSP-by-default works and will be added in a later revision - |
| 12 |
some GCC4+SSP bugs in grub and glibc also remain to be fixed. |
| 13 |
|
| 14 |
Please follow '2. General Upgrade Instructions' in the 'Gentoo GCC Upgrade |
| 15 |
Guide' [1] when upgrading from GCC 3.4.x to GCC 4.3.x. The upgrade should be |
| 16 |
relatively smooth, but if you run into upgrade troubles seek help via this |
| 17 |
mailing list, bugs.gentoo.org, or irc.freenode.net, #gentoo-hardened. |
| 18 |
|
| 19 |
[1] http://www.gentoo.org/doc/en/gcc-upgrading.xml |
| 20 |
|
| 21 |
Sincerely, |
| 22 |
Gordon Malm (gengor) |
Archives