Bug 1150525 - AUDIT-1: envoy: review pam_envoy not yet whitelisted in rpmlint
AUDIT-1: envoy: review pam_envoy not yet whitelisted in rpmlint
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
Current
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Malte Kraus
E-mail List
:
Depends on:
Blocks: 1150178
  Show dependency treegraph
 
Reported: 2019-09-12 11:00 UTC by Matthias Gerstner
Modified: 2019-09-20 16:07 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Gerstner 2019-09-12 11:00:08 UTC
+++ This bug was initially created as a clone of Bug #1150178
As discussed in the proactive security team we want to catch up on the
packages shipping PAM modules that haven't been reviewed yet. Formerly there
was no badness for this type of rpmlint check. Right now the new review bot
should catch them.

envoy is one of the packages shipping a pam mo dule (pam_envoy) that has not
yet been reviewed.

The code should be checked and if all is well a whitelisting be added to
rpmlint.
Comment 1 Malte Kraus 2019-09-20 16:07:44 UTC
All fine, adding the whitelisting.