[MIR] iniparser (dependency of mtd-utils)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
iniparser (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Hirsute |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[MIR] iniparser (dependency of mtd-utils)
[Availability]
✓ The package is in universe.
[Rationale]
✓ The package is a new build dependency of a package that we already
support (mtd-utils).
[Security]
✓ No CVEs
✓ No openwall
✓ No security relevant binaries
- The github has several items of interest - commits not yet in Debian /
Ubuntu that address buffer overflows, not-yet-merged fixes for missing
null pointer checks/memory leaks, plus more issues filed with typical C
code null checks / off by ones. Could be OK with some updates to
address the known issues.
[Quality assurance]
✓ Used package with minimal effort. Provides a doc package, and the
header file for the lib has the same content. API behaves mostly as
expected and was easy to use just based on the header file.
✓ No debconf usage
✓ No long-term usability affecting bugs
✓ No Debian/Ubuntu bugs aside from this MIR
- Upstream bugs of interest present, see security section above
- Packaging in Debian seems mostly fine, but I noted that back-to-back
invocation of dpkg-buildpackage fails. A `make -C test clean` would
resolve this.
✓ No exotic hardware expectations
- While a test suite is present, failures in it are not failing the build.
✓ debian/watch file present
- lintian --pedantic reports 6 items total, the most severe of which are 2
warnings
✓ No reliance on obsolete/
[Dependencies]
✓ Dependencies are very modest and already in main. (libc6, and
libjs-jquery for doc package)
[Standards compliance]
✓ FHS looks good to me.
✓ Outstanding patches - there is a CMake patch, but upstream doesn't want
it.
https:/
- Recommended item DEB_BUILD_OPTIONS isn't explicitly implemented, all 6
options currently listed are potentially relevant.
https:/
- The standards version is old https:/
however v4.3.0 is an appropriate version for the last time the package
was uploaded.
[Maintenance]
✓ foundations-bugs subscribed on
https:/
✓ I consider this a "simple" package which should continue to be in sync
with Debian
[Background information]
✓ Package description is appropriate
✓ No recent (or ever) renames
tags: | added: rls-ff-incoming |
tags: | added: fr-1082 |
tags: |
added: rls-hh-incoming removed: rls-ff-incoming |
tags: | removed: rls-hh-incoming |
description: | updated |
Changed in iniparser (Ubuntu Hirsute): | |
assignee: | nobody → Dan Streetman (ddstreet) |
Changed in iniparser (Ubuntu Hirsute): | |
status: | Incomplete → New |
Changed in mtd-utils (Ubuntu Hirsute): | |
status: | Incomplete → Invalid |
no longer affects: | mtd-utils (Ubuntu) |
no longer affects: | mtd-utils (Ubuntu Hirsute) |
ddstreet: if you need any further info or if anything is missing please let me know. Per the MIR IRC meeting it looks like there is a partial concern that the library may be redundant, albeit with a different API. Any further feedback?