https://bugzilla.redhat.com/show_bug.cgi?id=1021719
--- Comment #13 from Kevin Fenzi <[email protected]> --- All the issues from comment 11 appear fixed. ;) However, I see a few new rpmlint complaints: opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/sbin/smtpctl opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/libexec/opensmtpd/queue-ram opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/libexec/opensmtpd/scheduler-stub opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/libexec/opensmtpd/scheduler-ram opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/libexec/opensmtpd/queue-null opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/libexec/opensmtpd/queue-stub opensmtpd.i686: E: missing-call-to-chdir-with-chroot /usr/sbin/smtpd $ rpmlint -I missing-call-to-chdir-with-chroot missing-call-to-chdir-with-chroot: This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. Could you ask upstream on this? Also, a nitpick: opensmtpd.i686: W: incoherent-version-in-changelog 5.4.1p1-1.denf ['5.4.1p1-1.fc21', '5.4.1p1-1'] drop the 'denf' in changelogs? We are getting close here. ;) -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-review
