[Bug 509990] Review Request: CVE-2008-0166_fingerprints - Fingerprints of the keys affected by CVE-2008-0166

bugzilla at redhat.com bugzilla at redhat.com
Tue Jul 7 12:36:26 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=509990


Stepan Kasal <skasal at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |skasal at redhat.com
         AssignedTo|nobody at fedoraproject.org    |skasal at redhat.com
               Flag|                            |fedora-review?




--- Comment #1 from Stepan Kasal <skasal at redhat.com>  2009-07-07 08:36:25 EDT ---
FAIL no upstream
  - please put these results to your web page, perhaps to jfch.fedorapeople.org
  - create a short page for the package
  - giving back to the comunity
OK package meets naming and versioning guidelines.
OK specfile is properly named, is cleanly written and uses macros consistently.
OK dist tag is present.
OK build root is correct.
OK license field matches the actual license.
OK license is open source-compatible, license text included in package.
OK latest version is being packaged.
OK BuildRequires are proper.
OK no compiler flags
OK %clean is present.
OK package builds in mock.
OK package installs properly.
OK no debuginfo
FAIL rpmlint complains W: no URL: tag
   After creating a page for the project, please add "URL:" tag to the spec
file
OK no provides nor requires
OK no %check, no test suite
OK no shared libraries are added to the regular linker search paths.
OK owns the directories it creates.
OK doesn't own any directories it shouldn't.
OK no duplicates in %files.
OK file permissions are appropriate.
OK no scriptlets present.
OK code, not content.
   -- Well, this requires a comment: the package contains data exclusively.
   The data are precomputed list of compromised keys, as created on computers
   affected by CVE-2008-0166.  The programs made to defend security cannot work
   without this list, so this package is more similar to a game level data than
   to a "content".
   (cf http://fedoraproject.org/wiki/Packaging:Guidelines#Code_Vs_Content)
OK documentation is small, so no -docs subpackage is necessary.
OK %docs are not necessary for the proper functioning of the package.
OK no headers, no pkgconfig, .la, nor desktop files.

Please fix the two FAIL issues above and I'll approve the package.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the Fedora-package-review mailing list