* James McDonald <[email protected]>, 2014-02-15, 14:46:
http://mentors.debian.net/debian/pool/main/c/cwm/cwm_5.1-1.dsc
blhc says that at least some parts of the package were built without
hardening:
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security): cc -c -Wall -O2 -g -D_FORTIFY_SOURCE=2 `pkg-config
--cflags fontconfig x11 xft xinerama xrandr` calmwm.c
The compiler warns about use of a deprecated function:
menu.c:469:2: warning: 'XKeycodeToKeysym' is deprecated (declared at
/usr/include/X11/Xlib.h:1699) [-Wdeprecated-declarations]
...and about implicit function declaration:
parse.y:92:4: warning: implicit declaration of function 'asprintf'
[-Wimplicit-function-declaration]
Upstream PGP-signed his tarball, so you may want to enable signature
checking in d/watch.
Any reason add-changelog is not included in d/patches/series?
I'd rather not patch upstream makefile to change PREFIX, but override it
in debian/rules instead.
fix-man-hyphens is not complete. There are more places where hyphen is
used as minus sign, although likely Lintian is not smart enough to
detect them.
Typo in the package description:
"etc" -> "etc."
The description is oddly wrapped. The line ending with "virtual desktop"
could be two words longer.
Enumerated lists in d/copyright are not formatted correctly. Please see
bug #700970.
Upstream embeds a few BSD-specific functions (fgetln, strlcat, strlcpy,
strtonum). It would be nice if Debian package could link to libbsd
instead of using these embedded copies.
Typo in client.c:
cant -> can't
--
Jakub Wilk
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
