[Bug 1077484] Re: [MIR] libsemanage (shadow's rdep to continue SELinux support in shadow)

[Jamie Strandboge]

MIR review:
 * Builds fine with just main
 * Interestingly, though it is a unit testing framework for C, it doesn't seem to include a test suite
 * no Ubuntu delta
 * FYI, it's a library but neither ships a symbols file nor uses dh_makeshlibs -V
 * It has a watch file
 * Update history is very slow
 * The latest release is packaged
 * lintian checks are fine
 * debian/rules uses older style, but is readable enough
 * There are some warnings about not checking the return code of fgets() in Console.c
 * Spot-checking the code, it has some old conventions and isn't doing bounds checking on strcpy or checking return codes. However, because of the old conventions, these string operations are happening on the stack or our compiler hardening should cover them
 * There aren't any important bugs in Debian or Ubuntu
 * There is no CVE history and nothing in the code dictates a more in-depth security review.

ACK provided the compiler warnings are addressed and the patches sent to
Debian.

** Changed in: cunit (Ubuntu)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1077484

Title:
  [MIR] libsemanage (shadow's rdep to continue SELinux support in
  shadow)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cunit/+bug/1077484/+subscriptions