SSP now default for ports/packages, ssp/new_xorg repository EOL
Bryan Drewery
bdrewery at FreeBSD.org
Mon Nov 3 18:28:56 UTC 2014
On 11/2/14 3:42 PM, olli hauer wrote:
> On 2014-11-02 21:01, Bryan Drewery wrote:
>> Ports and Package users,
>>
>> Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection.
>>
>> This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.
>>
>> WITHOUT_SSP can be defined in make.conf to not use this feature.
>>
>> SSP will be used to build ports (with -fstack-protector) on all amd64 releases and i386 releases which are 10.0 or newer.
>>
>> The "ssp" repository and "new_xorg" repositories will no longer be updated after 11/15 as they are no longer needed as both are default for ports now. Please update your repository configurations to now only track the /latest repository. This is the default from /etc/pkg/FreeBSD.conf. Remove any overrides from /usr/local/etc/pkg/repos/ for the "ssp" or "new_xorg" repositories.
>>
>> Regards,
>> Bryan Drewery on behalf of portmgr
>
>
> Hi Bryan,
>
> thats good notes, but how about users tracking ssp and changing the repo or upgrading to 10.1 if released?
> I suspect packages will be replaced during 10.1 upgrade with NON_SSP packages since the tree was tagged already yesterday by babt.
>
> --
> olli
>
Yes, those won't have SSP, but as soon as you upgrade the packages they
will be SSP enabled. It's a bit odd.
--
Regards,
Bryan Drewery
More information about the freebsd-ports
mailing list