Hello Michael, > Did I not submit an update to that somewhere anyways? yes, you did: https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=bf7bfc3df6a3fc4e55908a9b80bcf06e51e3b46b This fell through the cracks when compiling the changelog for C169 - thanks for bringing this up. As for C170, bumping the package version is required nevertheless. All the best, Peter Müller > >> On 6 Jul 2022, at 11:00, Peter Müller wrote: >> >> Hello Michael, >> >> thanks for your swift response. >> >> Okay, I will then just bump the version number of dnsdist. >> >> All the best, >> Peter Müller >> >> >>> Good question. I did not even think about this. >>> >>> I could not find many executables that fell into this category. Maybe about 10. Out of those, dnsdist was the largest one - by far. >>> >>> So I would say, it isn’t worth it except for dnsdist. >>> >>> -Michael >>> >>>> On 6 Jul 2022, at 10:56, Peter Müller wrote: >>>> >>>> Hello Michael, >>>> >>>> just a short follow-up question on this: Do we need to re-ship all affected packages again? >>>> Or is it fine to let users benefit from stripped PIE executables when we update affected >>>> components anyway? >>>> >>>> Thanks, and best regards, >>>> Peter Müller >>>> >>>> >>>>> Reviewed-by: Peter Müller >>>>> >>>>>> Fixes: #12894 >>>>>> Signed-off-by: Michael Tremer >>>>>> --- >>>>>> src/stripper | 4 ++++ >>>>>> 1 file changed, 4 insertions(+) >>>>>> >>>>>> diff --git a/src/stripper b/src/stripper >>>>>> index fadbc514b..4014f03a4 100755 >>>>>> --- a/src/stripper >>>>>> +++ b/src/stripper >>>>>> @@ -38,6 +38,10 @@ function _strip() { >>>>>> args+=( "--strip-all" ) >>>>>> ;; >>>>>> + *Type:*"DYN (Position-Independent Executable file)"*) >>>>>> + args+=( "--strip-all" ) >>>>>> + ;; >>>>>> + >>>>>> # Binaries >>>>>> *Type:*"EXEC (Executable file)"*) >>>>>> args+=( "--strip-all" ) >>> >