Hello community,
here is the log from the commit of package rpmlint-Factory for openSUSE:Factory
checked in at 2019-12-02 11:26:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rpmlint-Factory (Old)
and /work/SRC/openSUSE:Factory/.rpmlint-Factory.new.4691 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rpmlint-Factory"
Mon Dec 2 11:26:11 2019 rev:51 rq:749900 version:1.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/rpmlint-Factory/rpmlint-Factory.changes
2019-07-29 17:25:29.450322212 +0200
+++
/work/SRC/openSUSE:Factory/.rpmlint-Factory.new.4691/rpmlint-Factory.changes
2019-12-02 11:26:25.670692397 +0100
@@ -1,0 +2,7 @@
+Fri Sep 27 09:12:25 UTC 2019 - Johannes Segitz <[email protected]>
+
+- Reduce default badness values of various security relevant warnings
+ and increase them again in -strict subpackage. With that building
+ doesn't fail in home projects anymore if these warnings pop up
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rpmlint-Factory.spec ++++++
--- /var/tmp/diff_new_pack.JzPU20/_old 2019-12-02 11:26:26.762691984 +0100
+++ /var/tmp/diff_new_pack.JzPU20/_new 2019-12-02 11:26:26.766691983 +0100
@@ -40,7 +40,8 @@
%description strict
The package contains additional rpmlint configuration that forbids
-invalid licenses.
+invalid licenses and enforces higher badness values for warnings/errors
+that indicate that a security audit needs to take place.
%prep
cp %{SOURCE1} .
++++++ config ++++++
--- /var/tmp/diff_new_pack.JzPU20/_old 2019-12-02 11:26:26.802691969 +0100
+++ /var/tmp/diff_new_pack.JzPU20/_new 2019-12-02 11:26:26.802691969 +0100
@@ -76,13 +76,13 @@
setBadness('invalid-filepath-dependency', 10000)
setBadness('suse-policy-kmp-missing-supplements', 10000)
-setBadness('polkit-unauthorized-file', 10000)
-setBadness('polkit-unauthorized-privilege', 10000)
-setBadness('polkit-unauthorized-rules', 10000)
-setBadness('polkit-untracked-privilege', 10000)
-setBadness('permissions-unauthorized-file', 10000)
-setBadness('permissions-file-setuid-bit', 10000)
-setBadness('permissions-world-writable', 10000)
+setBadness('polkit-unauthorized-file', 10)
+setBadness('polkit-unauthorized-privilege', 10)
+setBadness('polkit-unauthorized-rules', 10)
+setBadness('polkit-untracked-privilege', 10)
+setBadness('permissions-unauthorized-file', 10)
+setBadness('permissions-file-setuid-bit', 10)
+setBadness('permissions-world-writable', 10)
setBadness('suse-filelist-forbidden', 10000)
setBadness('suse-filelist-forbidden-sysconfig', 10000)
setBadness('suse-filelist-forbidden-perl-dir', 10000)
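Review bot: The seven `polkit-*` and `permissions-*` entries drop from 10000 to 10 with no comment in `config` saying the low value is deliberate and restored elsewhere. Someone reading this file alone would take setuid bits, world-writable files and unauthorized polkit privileges for minor findings. After this change the higher badness for these checks is set only in `config.strict`, so it applies only where the -strict subpackage is installed. The page does not show which projects install it, so confirm that the official build configurations do before relying on it. I would add a comment above the group, for example `# security-audit checks: kept low so home projects still build; config.strict raises them back to 10000`. The same applies to `suse-dbus-unauthorized-service` in the next hunk.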
@@ -100,7 +100,7 @@
#setBadness('suse-filelist-forbidden-fhs23', 10000)
setBadness('info-dir-file', 10000)
-setBadness('suse-dbus-unauthorized-service', 10000)
+setBadness('suse-dbus-unauthorized-service', 10)
setBadness('non-position-independent-executable', 10000)
setBadness('lto-bytecode', 10000)
setBadness('lto-no-text-in-archive', 10000)
++++++ config.strict ++++++
--- /var/tmp/diff_new_pack.JzPU20/_old 2019-12-02 11:26:26.814691964 +0100
+++ /var/tmp/diff_new_pack.JzPU20/_new 2019-12-02 11:26:26.818691963 +0100
@@ -26,4 +26,11 @@
from Config import *
setBadness('invalid-license', 100000)
-
+setBadness('polkit-unauthorized-file', 10000)
+setBadness('polkit-unauthorized-privilege', 10000)
+setBadness('polkit-unauthorized-rules', 10000)
+setBadness('polkit-untracked-privilege', 10000)
+setBadness('permissions-unauthorized-file', 10000)
+setBadness('permissions-file-setuid-bit', 10000)
+setBadness('permissions-world-writable', 10000)
+setBadness('suse-dbus-unauthorized-service', 10000)
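Review bot: The eight check names added here are copied by hand from `config`, and nothing ties the two lists together. A security check later added to `config` at low badness stays non-fatal in strict builds unless someone also adds it here. A short comment above the block would make that dependency visible, for example `# security-audit checks lowered to 10 in config; keep this list in sync`. The override also presumably depends on `config.strict` being evaluated after `config`, which is not visible in this hunk and is worth stating in the same comment if true.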