[Bug 208420] Review Request: conky - A system monitor for X originally based on the torsmo code
bugzilla at redhat.com
bugzilla at redhat.com
Thu Sep 28 22:10:04 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: conky - A system monitor for X originally based on the torsmo code
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208420
------- Additional Comments From pertusus at free.fr 2006-09-28 18:10 EST -------
You also need to block FE-NEEDSPONSOR too ;-)
Some comments:
* your changelog entries are not very informative. You could have
better said something along
- use the GPL as licence since the whole package is GPL
- use %%configure
and so on.
* NEWS is empty, no need to ship it
* The part 'originally based on the torsmo code' in the summary
seems unneeded to me.
* the summary shouldn't end with a dot
* your changelog entries are badly formatted. The version should
be at the end of the line beginning with *.
* a BR (BuildRequires) for libXext-devel is mmissing, and libX11-devel
is required by libXext-devel.
* In xmms.c it seems that a file is created in /tmp with a predictible
name. If it is the case, there is a security issue, since it allows
a symlink attack.
* still in xmms.c it seems that conky dlopens some libs to do something
with the music players. This won't work since the .so are in the
devel packages. Is this code used in your package? If it is the case
there is certainly something wrong upstream, and maybe the dlopened
files should be below /usr/lib/xmms/, or conky should be linked
against libxmms and not dlopen it.
* is it on purpose that there are no requires for xmms/bmp...?
* When I start conky I get a trace:
$ conky
*** buffer overflow detected ***: conky terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x9f2161]
/lib/libc.so.6(__strcpy_chk+0x43)[0x9f1663]
conky[0x8064eed]
/lib/libc.so.6(__libc_start_main+0xdc)[0x926f2c]
conky[0x804ab91]
======= Memory map: ========
00111000-00116000 r-xp 00000000 03:03 379787 /usr/lib/libXdmcp.so.6.0.0
00116000-00117000 rwxp 00004000 03:03 379787 /usr/lib/libXdmcp.so.6.0.0
00196000-0019d000 r-xp 00000000 03:03 2412643 /lib/librt-2.4.90.so
0019d000-0019e000 r-xp 00006000 03:03 2412643 /lib/librt-2.4.90.so
0019e000-0019f000 rwxp 00007000 03:03 2412643 /lib/librt-2.4.90.so
002c7000-002cb000 r-xp 00000000 03:03 379797 /usr/lib/libXfixes.so.3.1.0
002cb000-002cc000 rwxp 00003000 03:03 379797 /usr/lib/libXfixes.so.3.1.0
0034e000-00360000 r-xp 00000000 03:03 377780 /usr/lib/libXft.so.2.1.2
00360000-00361000 rwxp 00012000 03:03 377780 /usr/lib/libXft.so.2.1.2
005b5000-005ce000 r-xp 00000000 03:03 2408357 /lib/ld-2.4.90.so
005ce000-005cf000 r-xp 00018000 03:03 2408357 /lib/ld-2.4.90.so
005cf000-005d0000 rwxp 00019000 03:03 2408357 /lib/ld-2.4.90.so
00624000-00649000 r-xp 00000000 03:03 2408914 /lib/libm-2.4.90.so
00649000-0064a000 r-xp 00024000 03:03 2408914 /lib/libm-2.4.90.so
0064a000-0064b000 rwxp 00025000 03:03 2408914 /lib/libm-2.4.90.so
006fd000-0077a000 r-xp 00000000 03:03 374846 /usr/lib/libfreetype.so.6.3.10
0077a000-0077d000 rwxp 0007d000 03:03 374846 /usr/lib/libfreetype.so.6.3.10
00911000-00a49000 r-xp 00000000 03:03 2408410 /lib/libc-2.4.90.so
00a49000-00a4b000 r-xp 00138000 03:03 2408410 /lib/libc-2.4.90.so
00a4b000-00a4c000 rwxp 0013a000 03:03 2408410 /lib/libc-2.4.90.so
00a4c000-00a4f000 rwxp 00a4c000 00:00 0
00a9c000-00aaf000 r-xp 00000000 03:03 2410955 /lib/libpthread-2.4.90.so
00aaf000-00ab0000 r-xp 00012000 03:03 2410955 /lib/libpthread-2.4.90.so
00ab0000-00ab1000 rwxp 00013000 03:03 2410955 /lib/libpthread-2.4.90.so
00ab1000-00ab3000 rwxp 00ab1000 00:00 0
00b21000-00c21000 r-xp 00000000 03:03 362396 /usr/lib/libX11.so.6.2.0
00c21000-00c25000 rwxp 000ff000 03:03 362396 /usr/lib/libX11.so.6.2.0
00c56000-00c61000 r-xp 00000000 03:03 2420666 /lib/libgcc_s-4.1.1-20060926.so.1
00c61000-00c62000 rwxp 0000a000 03:03 2420666 /lib/libgcc_s-4.1.1-20060926.so.1
00d1c000-00d1e000 r-xp 00000000 03:03 364990 /usr/lib/libXdamage.so.1.0.0
00d1e000-00d1f000 rwxp 00001000 03:03 364990 /usr/lib/libXdamage.so.1.0.0
00d48000-00d4a000 r-xp 00000000 03:03 2408862 /lib/libdl-2.4.90.so
00d4a000-00d4b000 r-xp 00001000 03:03 2408862 /lib/libdl-2.4.90.so
00d4b000-00d4c000 rwxp 00002000 03:03 2408862 /lib/libdl-2.4.90.so
00d52000-00d54000 r-xp 00000000 03:03 379786 /usr/lib/libXau.so.6.0.0
00d54000-00d55000 rwxp 00001000 03:03 379786 /usr/lib/libXau.so.6.0.0
00d57000-00d66000 r-xp 00000000 03:03 379793 /usr/lib/libXext.so.6.4.0
00d66000-00d67000 rwxp 0000e000 03:03 379793 /usr/lib/libXext.so.6.4.0
00d69000-00d88000 r-xp 00000000 03:03 2408514 /lib/libexpat.so.0.5.0
00d88000-00d8a000 rwxp 0001e000 03:03 2408514 /lib/libexpat.so.0.5.0
00df3000-00dfb000 r-xp 00000000 03:03 379789 /usr/lib/libXrender.so.1.3.0
00dfb000-00dfc000 rwxp 00007000 03:03 379789 /usr/lib/libXrender.so.1.3.0
00e89000-00eb0000 r-xp 00000000 03:03 361587 /usr/lib/libfontconfig.so.1.1.0
00eb0000-00eb8000 rwxp 00027000 03:03 361587 /usr/lib/libfontconfig.so.1.1.0
0324b000-032e8000 r-xp 00000000 03:03 2408445 /lib/libglib-2.0.so.0.1200.3
032e8000-032e9000 rwxp 0009c000 03:03 2408445 /lib/libglib-2.0.so.0.1200.3
032eb000-032f3000 r-xp 00000000 03:03 379812 /usr/lib/libSM.so.6.0.0
032f3000-032f4000 rwxp 00007000 03:03 379812 /usr/lib/libSM.so.6.0.0
032f6000-0330d000 r-xp 00000000 03:03 379811 /usr/lib/libICE.so.6.3.0
0330d000-0330e000 rwxp 00016000 03:03 379811 /usr/lib/libICE.so.6.3.0
0330e000-03310000 rwxp 0330e000 00:00 0
08048000-08071000 r-xp 00000000 03:03 380814 /usr/bin/conky
08071000-08073000 rwxp 00028000 03:03 380814 /usr/bin/conky
08073000-0807b000 rwxp 08073000 00:00 0
090b3000-090d4000 rwxp 090b3000 00:00 0
b7fa30Abandon
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list