[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 [EMAIL PROTECTED] changed: What|Removed |Added OtherBugsDependingO|163778 |163779 nThis|| --- Additional Comments From [EMAIL PROTECTED] 2006-06-20 10:44 EST --- And you also corrected the httpd conf file. :) Everything looks good to go now, package APPROVED. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 [EMAIL PROTECTED] changed: What|Removed |Added Status|ASSIGNED|CLOSED Resolution||NEXTRELEASE --- Additional Comments From [EMAIL PROTECTED] 2006-06-20 22:18 EST --- imported and built for FC4, FC5, and devel. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |ASSIGNED AssignedTo|[EMAIL PROTECTED] |[EMAIL PROTECTED] OtherBugsDependingO|163776 |163778 nThis|| --- Additional Comments From [EMAIL PROTECTED] 2006-06-19 15:50 EST --- I'll go ahead and take on this review, since I'm familiar with the software. My findings thus far: 1) There's a new version (2.0.3) out now (obsoletes the patch), need to update 2) Web apps should be installed in /usr/share/name, not /var/www, per fedora extras guidelines 3) rpmlint complains about a bunch of empty files, they should be removed 4) config files should be broken out into /etc/ somewhere 5) %doc lines aren't quite correct, you should be removing them from the installed packages and then sucking them in w/the %doc line, referring to them by their relative path within the source 6) the Source0: url doesn't appear to actually work, upstream only post a 'latest.tar.gz' (rather annoying of them...) I'm rather partial to proposing fixes for issues I come up with in review in the form of an updated spec file, so you can see exactly what I'm suggesting: http://wilsonet.com/packages/wordpress/ -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: wordpress - database driven blogging software
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478
--- Additional Comments From [EMAIL PROTECTED] 2006-06-19 22:25 EST ---
One thing I forgot to mention: the way you specify all the files is a matter of
preference, but if you're
going to list them all out rather than simply having a single line
'%{_datadir}/wordpress/', you must also
have a line '%dir %{_datadir}/wordpress/' so that the created directories are
also owned by the package.
Also note that the symlink %{_datadir}/wordpress/wp-config.php shouldn't be
marked as a config file,
and symlinks generally should be relative, rather than absolute (otherwise
they're hanging within the
buildroot).
Ah, the wordpress-httpd-conf file needs /var/www/wordpress replaced with
/usr/share/wordpress.
Personally, I'd also just do away with the '%define installdir %{_datadir}' and
simply replace all cases of %
{installdir} with %{_datadir}, because it just adds unnecessary and
non-standard cruft.
Additional review details:
* package meets naming and packaging guidelines: okay
* specfile is properly named, is cleanly written and uses macros consistently:
my only beef on that is
the now unnecessary use of %{installdir}
* dist tag is present: okay
* build root is correct.
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n): okay
* license field matches the actual license: GPL, okay
* license is open source-compatible, license text included in package: okay
* source files match upstream: okay
$ md5sum latest.tar.gz wordpress-2.0.3.tar.gz
0ad0696351cba9ef9b4a3dd97b1f327b latest.tar.gz
0ad0696351cba9ef9b4a3dd97b1f327b wordpress-2.0.3.tar.gz
* latest version is being packaged: v2.0.3, okay
* BuildRequires are proper: okay
* package builds in mock: okay (fedora development, x86_64)
* rpmlint is silent: not quite yet, it complains about
/usr/share/wordpress/wp-config.php being
marked as a config file
* final provides and requires are sane: okay
wordpress-2.0.3-1.fc6.noarch.rpm
config(wordpress) = 2.0.3-1.fc6
wordpress = 2.0.3-1.fc6
=
config(wordpress) = 2.0.3-1.fc6
httpd
mysql-server
php = 4.1.
* no shared libraries are present: okay
* package is not relocatable: okay
* owns the directories it creates: not yet, need to add /usr/share/wordpress to
%files
* doesn't own any directories it shouldn't: okay
* no duplicates in %files: okay
* file permissions are appropriate: okay
* %clean is present: okay
* %check is present and all tests pass: n/a
* no scriptlets present: okay
* code, not content: okay
* documentation is small, so no -docs subpackage is necessary: okay
* %docs are not necessary for the proper functioning of the package: okay
* no headers: okay
* no pkgconfig files: okay
* no libtool .la files: okay
* not a GUI app: okay
* not a web app: okay
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the QA contact for the bug, or are watching the QA contact.
___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 --- Additional Comments From [EMAIL PROTECTED] 2006-05-31 09:26 EST --- I'll have to correct myself - it appears this was patched on 5-26 in SVN. I've added that patch, rebuilt, and tested the given exploit, and the exploit now fails. Spec: http://www.berningeronline.net/wordpress.spec SRPM: http://www.berningeronline.net/wordpress-2.0.2-1.src.rpm -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 --- Additional Comments From [EMAIL PROTECTED] 2006-05-30 17:49 EST --- Direct static code injection vulnerability in WordPress 2.0.2 and earlier: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2667 -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 193478] Review Request: wordpress - database driven blogging software
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: wordpress - database driven blogging software https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193478 --- Additional Comments From [EMAIL PROTECTED] 2006-05-30 20:35 EST --- Well, there doesn't appear to be a patch available, so this review will have to wait until there is one. I'm watching the svn and testers lists upstream. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the QA contact for the bug, or are watching the QA contact. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
