https://bugzilla.redhat.com/show_bug.cgi?id=1149641 Bug ID: 1149641 Summary: Review Request: xcat - A command line tool to explore blind XPath injection vulnerabilities Product: Fedora Version: rawhide Component: Package Review Severity: medium Priority: medium Assignee: nobody@xxxxxxxxxxxxxxxxx Reporter: mail@xxxxxxxxxxxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx Spec URL: https://fab.fedorapeople.org/packages/SRPMS/xcat.spec SRPM URL: https://fab.fedorapeople.org/packages/SRPMS/xcat-0.7.1-1.fc22.src.rpm Project URL: https://github.com/orf/xcat Description: XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query, read arbitrary files on the hosts filesystem and utilize out of bound HTTP requests to make the server send data directly to xcat. Koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=7774127 rpmlint output: [fab@localhost SRPMS]$ rpmlint xcat-0.7.1-1.fc22.src.rpm xcat.src: W: spelling-error %description -l en_US filesystem -> file system, file-system, systemically 1 packages and 0 specfiles checked; 0 errors, 1 warnings. [fab@localhost noarch]$ rpmlint xcat-0.7.1-1.fc22.noarch.rpm xcat.noarch: W: spelling-error %description -l en_US filesystem -> file system, file-system, systemically xcat.noarch: W: no-manual-page-for-binary xcat 1 packages and 0 specfiles checked; 0 errors, 2 warnings. Fedora Account System Username: fab -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review