Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: python-beaker - WSGI middleware for sessions https://bugzilla.redhat.com/show_bug.cgi?id=445018 ------- Additional Comments From felix.schwarz@xxxxxxxxxxxxxx 2008-05-10 17:03 EST ------- There are some problems with your submission: First of all please update the package to 0.9.4 as 0.9.3 contains a remotely exploitable bug (allows overwriting arbitrary files, manipulating the application's session and last but not least remote code execution, see http://groups.google.com/group/turbogears/browse_thread/thread/0f1079fb982c549b for more details). Furthermore there are some problems with your spec file: $ rpmlint python-beaker-0.9.3-1.fc8.src.rpm python-beaker.src: W: summary-ended-with-dot WSGI middleware layer to provide sessions. Please fix this (and assure that rpmlint does not complain about other things). Manual inspection of the spec file revealed another issue: "Source0: http://pypi.python.org/packages/source/B/Beaker-%{version}.tar.gz"; This URL is not valid, http://pypi.python.org/packages/source/B/Beaker-0.9.3.tar.gz does not exist. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review