[Bug 513345] Review Request: iwak - Detect the openssh keys affected by CVE-2008-0166 among authorized_keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=513345





--- Comment #5 from Matej Cepl <mcepl@xxxxxxxxxx>  2009-07-23 09:11:03 EDT ---
+ FAIL: rpmlint is silent on both source and binary package.
bradford:rpmbuild$ rpmlint iwak-2.4-1.fc11.src.rpm 
iwak.src: E: description-line-too-long Detect the openssh keys affected by
CVE-2008-0166 among authorized_keys. This is done by computing the fingerprints
from
iwak.src: E: description-line-too-long each authorized key and then comparing
against the databaze of blacklisted fingerprints.
1 packages and 0 specfiles checked; 2 errors, 0 warnings.
bradford:rpmbuild$ 
+ GOOD: The package is named according to the Package Naming Guidelines .
+ GOOD: The spec file name matches the base package %{name}, in the format
  %{name}.spec.
+ GOOD: The package meets the Packaging Guidelines.
+ GOOD: The package is licensed with a Fedora approved license and meet the
Licensing Guidelines.
+ GOOD: The License field in the package spec file matches the actual license.
Well, it would be better if this GPL blurb was in the top of the script itself:
   iawk - detects the openssh authorized_keys affected by CVE-2008-0166
    Copyright (C) 2009 Jan F. Chadima
    Copyright (C) 2009 Red Hat Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

+ GOOD: The spec file is written in American English.
+ GOOD: The spec file for the package is legible.
+ GOOD: The sources used to build the package matches the upstream source,
as provided in the spec URL.
SHA1: c9567e1590d75afa080102096b0ba19a49834f3a
+ GOOD: The package successfully compiles and build into binary rpms on at
least one supported architecture.
  It is noarch -- koji scratch build is
  http://koji.fedoraproject.org/koji/taskinfo?taskID=1494766
+ GOOD: builds on all architectures
noarch
+ GOOD: All build dependencies are listed in BuildRequires. (builds in koji)
+ GOOD: The spec file MUST handle locales properly.
  No locale support.
+ GOOD: no libraries
+ GOOD: not relocatable
+ GOOD: A package owns all directories that it creates.
+ GOOD: A package must not contain any duplicate files in the %files listing.
+ GOOD: Permissions on files must be set properly.
+ GOOD: Each package have a %clean section.
+ GOOD: Each package consistently use macros.
+ GOOD: The package contains code, or permissable content.
+ GOOD: No large documentation files, so no a -doc subpackage.
+ GOOD: Files registered in %doc does not affect the runtime of the
application.
+ GOOD: No header files.
+ GOOD: No static libraries.
+ GOOD: No pkgconfig(.pc) files.
+ GOOD: The package does not contain library files with a suffix.
+ GOOD: No devel packages.
+ GOOD: No .la libtool archives.
+ GOOD: Packages does not contain GUI applications.
+ GOOD: Packages does not own files or directories owned by other packages.
+ GOOD: Runs rm -rf $RPM_BUILD_ROOT in %install
+ GOOD: All filenames in rpm packages are valid UTF-8.
+ GOOD: Includes license text.

Please fix or explain above show issues.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
Fedora-package-review mailing list
Fedora-package-review@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]