https://bugzilla.redhat.com/show_bug.cgi?id=2051008 --- Comment #44 from Michael Catanzaro <mcatanza@xxxxxxxxxx> --- (In reply to Neal Gompa from comment #42) > (In reply to Fabio Valentini from comment #41) > > Huh, some of those rpmlint warnings sound useful ... > > > > > ffmpeg-free-libs.x86_64: W: crypto-policy-non-compliance-gnutls-1 /usr/lib64/libavformat.so.59.16.100 gnutls_priority_set_direct > > > > Is this expected? > > > > It's an old policy from attempts to unify crypto libraries. We never > completed it and I believe those checks were removed in rpmlint 2.x. No, that's not old, that's really the current crypto policy. gnutls_priority_set_direct() is suspicious because it almost always ignores the system policy, so it is rarely ever OK to use that function in Fedora. We probably need to patch the code to use either gnutls_set_default_priority() or gnutls_set_default_priority_append() instead. See https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/ for guidance. In certain circumstances, it might be OK to use gnutls_priority_set_direct() if it's gated behind manual user configuration and there is a good reason to ignore system policy, but this is rare. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2051008 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
