SSP now default for ports/packages, ssp/new_xorg repository EOL
bdrewery at FreeBSD.org
Mon Nov 3 18:28:56 UTC 2014
On 11/2/14 3:42 PM, olli hauer wrote:
> On 2014-11-02 21:01, Bryan Drewery wrote:
>> Ports and Package users,
>> Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection.
>> This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.
>> WITHOUT_SSP can be defined in make.conf to not use this feature.
>> SSP will be used to build ports (with -fstack-protector) on all amd64 releases and i386 releases which are 10.0 or newer.
>> The "ssp" repository and "new_xorg" repositories will no longer be updated after 11/15 as they are no longer needed as both are default for ports now. Please update your repository configurations to now only track the /latest repository. This is the default from /etc/pkg/FreeBSD.conf. Remove any overrides from /usr/local/etc/pkg/repos/ for the "ssp" or "new_xorg" repositories.
>> Bryan Drewery on behalf of portmgr
> Hi Bryan,
> thats good notes, but how about users tracking ssp and changing the repo or upgrading to 10.1 if released?
> I suspect packages will be replaced during 10.1 upgrade with NON_SSP packages since the tree was tagged already yesterday by babt.
Yes, those won't have SSP, but as soon as you upgrade the packages they
will be SSP enabled. It's a bit odd.
More information about the freebsd-ports