Ubuntu
fonts-smc-gayathri package

[MIR] fonts-smc-gayathri

Bug #1858620 reported by Sebastien Bacher
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
fonts-smc-gayathri (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

* Availability

Currently version builds fine and is in sync from Debian
https://launchpad.net/ubuntu/+source/fonts-smc-gayathri/1.100-1
(it's a font and arch all so only amd64 build)

* Rationale

It has been added to the Malayalam fonts in Debian and is showing on component-mismatch now

* Security

No CVE/known security issue

* Quality assurance

- the desktop-packages team is subscribed to the package
- the package is in sync with Debian
- there are no open bugs on debian or launchpad

* Dependendies

The package has no depends

* Standards compliance

the package is using standard dh packaging and the current the standards-version, it is in sync from Debian

* Maintainance

The package is maintained in Debian by the fonts team, the desktop team is going to look at issues on the Ubuntu side if requires

Christian Ehrhardt  (paelzer)
Changed in fonts-smc-gayathri (Ubuntu):
assignee: nobody → Christian Ehrhardt  (paelzer)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

[Summary]
This was as straight forward as expected.
MIR ack to the package.
Does not need an extra security review.

[Duplication]
No other Malayalam font in main that could be used.

[Embedded sources and static linking]
- no embedded source present
- no static linking

[Security]
- history of CVEs does not look concerning
- does not run a daemon as root
- does not use webkit1,2
- does not use lib*v8 directly
- does not parse data formats
- does not open a port
- does not process arbitrary web content
- does not use centralized online accounts
- does not integrate arbitrary javascript into the desktop
- does not deal with system authentication (eg, pam), etc)

[Common blockers]
- does not FTBFS currently
- does not have a test suite but then it really is just a font, no active code
- no translation present, but none needed for this case (user visible)?
- not a python package, no extra constraints to consider int hat regard
- desktop-packages is already subscribed

[Packaging red flags]
- Ubuntu does not carry a delta
- symbols tracking not applicable for this kind of code.
- d/watch is present and looks ok
- Upstream update history is ok, but not that old
- Debian/Ubuntu update history is ok, but also not that old
- the current release is packaged
- promoting this does not seem to cause issues for MOTUs that so far maintained the package
- no massive Lintian warnings
- d/rules is rather clean
- not using Built-Using

[Upstream red flags]
- no Errors/warnings during the build
- no incautious use of malloc/sprintf
- no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH
- no use of user nobody
- no use of setuid
- no important open bugs (crashers, etc) in Debian or Ubuntu
- no dependency on webkit, qtwebkit, seed or libgoa-*
- no embedded source copies
- not part of the UI for extra checks on privacy

Changed in fonts-smc-gayathri (Ubuntu):
assignee: Christian Ehrhardt  (paelzer) → nobody
status: New → Fix Committed
Revision history for this message
Sebastien Bacher (seb128) wrote :

fonts-smc-gayathri 1.100-1 in focal: universe/misc -> main

Changed in fonts-smc-gayathri (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.