Review OpenScanHub results for libdnf

Open ppisar opened this issue 1 year ago • 7 comments

Fedora scanned F41 critical packages for insecure pieces of source code https://lists.fedoraproject.org/archives/list/[email protected]/thread/ZNWA2K3H6OS3LFJOTA5H4FJJC64EBLRK/ Results are at https://svashisht.fedorapeople.org/f41-22-Apr-2024/. There are some findings for libdnf. It would be great to review and address the true positives.

ppisar, Apr 25 '24 08:04

A more recent report is available at https://svashisht.fedorapeople.org/f41-03-Jul-2024/

But it contains a high number of false positives due to cppcheck warning about limiting analysis of branches. It should be fixed in the future mass scans.

siteshwar, Jul 17 '24 14:07