I reviewed libmail-authenticationresults-perl 1.20180923-2 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability. ANY
OTHER NOTES REGARDING THE NATURE OF THE REVIEW ITSELF.
libmail-authenticationresults-perl is a parser for Object Oriented Authentication-Results email
headers. It tokenizes the header into a usable set of objects.
- CVE History:
- I was not able to find any CVE history
- Build-Depends?
- perl
- libscalar-list-utils-perl
- pre/post inst/rm scripts?
- not applicable
- init scripts?
- not applicable
- systemd units?
- not applicable
- dbus services?
- not applicable
- setuid binaries?
- not applicable
- binaries in PATH?
- not applicable
- sudo fragments?
- not applicable
- udev rules?
- not applicable
- unit tests / autopkgtests?
- there is a comprehensive test suite
- cron jobs?
- not applicable
- Build logs:
- Everything looks fine
- Processes spawned?
- not applicable
- Memory management?
- I do not see anything that looks problematic
- File IO?
- not applicable
- Logging?
- not applicable
- Environment variable usage?
- not applicable
- Use of privileged functions?
- not applicable
- Use of cryptography / random number sources etc?
- not applicable
- Use of temp files?
- not applicable
- Use of networking?
- not applicable
- Use of WebKit?
- not applicable
- Use of PolicyKit?
- not applicable
- Any significant cppcheck results?
- not applicable
- Any significant Coverity results?
- not applicable
Overall it seems to be cleanly written, organized and well documetned code. Upstream is not very active. 111 git commits between 2017.12-2018.10 and nothing since then. It is maintained in debian testing and unstable though.
Security team ACK for promoting libmail-authenticationresults-perl to main.
I reviewed libmail- authenticationr esults- perl 1.20180923-2 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability. ANY
OTHER NOTES REGARDING THE NATURE OF THE REVIEW ITSELF.
libmail- authenticationr esults- perl is a parser for Object Oriented Authentication- Results email
headers. It tokenizes the header into a usable set of objects.
- CVE History: list-utils- perl
- I was not able to find any CVE history
- Build-Depends?
- perl
- libscalar-
- pre/post inst/rm scripts?
- not applicable
- init scripts?
- not applicable
- systemd units?
- not applicable
- dbus services?
- not applicable
- setuid binaries?
- not applicable
- binaries in PATH?
- not applicable
- sudo fragments?
- not applicable
- udev rules?
- not applicable
- unit tests / autopkgtests?
- there is a comprehensive test suite
- cron jobs?
- not applicable
- Build logs:
- Everything looks fine
- Processes spawned?
- not applicable
- Memory management?
- I do not see anything that looks problematic
- File IO?
- not applicable
- Logging?
- not applicable
- Environment variable usage?
- not applicable
- Use of privileged functions?
- not applicable
- Use of cryptography / random number sources etc?
- not applicable
- Use of temp files?
- not applicable
- Use of networking?
- not applicable
- Use of WebKit?
- not applicable
- Use of PolicyKit?
- not applicable
- Any significant cppcheck results?
- not applicable
- Any significant Coverity results?
- not applicable
Overall it seems to be cleanly written, organized and well documetned code. Upstream is not very active. 111 git commits between 2017.12-2018.10 and nothing since then. It is maintained in debian testing and unstable though.
Security team ACK for promoting libmail- authenticationr esults- perl to main.