| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: flawfinder | Distribution: SUSE Linux Enterprise 15 SP4 |
| Version: 2.0.19 | Vendor: openSUSE |
| Release: bp154.1.20 | Build date: Mon May 9 11:11:26 2022 |
| Group: Development/Tools/Other | Build host: lamb58 |
| Size: 413775 | Source RPM: flawfinder-2.0.19-bp154.1.20.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.dwheeler.com/flawfinder/ | |
| Summary: C/C++ source code security flaw examination tool | |
Flawfinder scans through C/C++ source code, identifying lines
("hits") with potential security flaws. By default it reports hits
sorted by severity, with the riskiest lines first.
GPL-2.0-or-later
* Wed Sep 01 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.19:
* entrypoint.sh: Don't require output filename to be escaped
* entrypoint.sh: Make minor improvements (#54)
* print warning messages to stderr (#58)
* changes to github actions
* Fri Jun 25 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.18:
* Fix Sarif output relationship target id format.
* Mon Jun 07 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.17:
* Fix the distributed tarball, which didn't include the
key source file due to the earlier file restructure.
* Minor code style fix, which simplifies the code slightly.
* Update date in manual page to 2021. That's important because
the documentation now includes information on `--sarif`.
* Tue Jun 01 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.16:
* The distributed source file is now flawfinder.py, not flawfinder.
This is part of a change that improves
improve cross-platform ease-of-use by using entry_points.
That said, "make install" will still
install it as "flawfinder" (so those who install it via
"make install" will see no change).
* Added support for generating SARIF output, use --sarif.
* Track curly brace level to reduce some problems, my thanks to
* Improved handling of Git patch format
* Tue Jan 12 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.15:
* Fixed some release problems in 2.0.14. (#30)
* Improved handling of LoadLibraryEx; flawfinderr no longer complains
about certain constructs that are known to be safe (eliminating
some false positives).
* Mon Jan 11 2021 Michael Vetter <mvetter@suse.com>
- Update to 2.0.14:
* If there are >0 hits, tell users how to ignore them as part of the
tool output.
* Various Windows improvments.
Ignore LoadLibraryEx if its third parameter is
LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe, and
remove the rule for InitialCriticalSection
(this is no longer a vulnerability on current widely-used versions
of Windows)
* Various C++ improvements. Add .hpp support for C++,
ignore "system::" to reduce false positives,
treat ' as digit separator when file extension is a C++ file
(for C++14).
* I had some release problems; this is identified as 2.0.14
(skipping a few minor numbers) to ensure that the version
number uniquely identifies a specific release.
* Tue Feb 18 2020 Michael Vetter <mvetter@suse.com>
- Update to 2.0.11:
* Provide a much more detailed error report, including recommended
solutions, when character encoding problems hit.
As Python3 has slowly gained in popularity, its failure to provide
useful built-ins to handle real-world character encoding problems
hurts more people. (E.g., many files don't comply with *any*
character set encoding standard, and Python3 can't read them
without enabling options that are wrong for others.)
We can at least provide much more detailed feedback to help
explain the various options available.
* Thu Sep 05 2019 mvetter@suse.com
- Use python3
* Thu Sep 05 2019 Jan Engelhardt <jengelh@inai.de>
- Use noun phrase in summary. Drop metadata redundancies from
description.
* Wed Sep 04 2019 mvetter@suse.com
- Update to 2.0.10:
* Use binary mode when reading a diffhitlist.
* Fix a serious defect in --diffhitlist option and added a
unit test
* Don't warn if memcpy call includes sizeof(first arg).
* Bugfix (banned function _ftcsat should be _ftcscat).
* Documentation tweaks. Make it clear that GitHub issues and
pull requests are supported, and use ~~~~ in markdown
to ease copy-and-paste from documentation.
* Fri Jan 18 2019 mvetter@suse.com
- Update to 2.0.7:
* Incorporate many small improvements from nickthetait
* Fix a number of bugs reported by philipp
* Update URLs for www.dwheeler.com -> dwheeler.com
- Highlights from older versions:
* add detection of crypt_r function
* add detection of errant equal, mismatch, and is_permutation
* update CWE, risk, and discussion for C++14 STL functions
* Always report hit counts correctly, even if ignored using -m
* Switch from distutils to setuptools
* Flawfinder can now run on either Python 2.7 or 3
* Change version numbers to use Semantic Versioning (x.y.z)
* Add support for generating CSV (comma-separated value) format,
to make this tool easier to integrate into larger toolsuites.
* Thu Feb 19 2015 tuukka.pasanen@ilmi.fi
- New version 1.31
/usr/bin/flawfinder /usr/lib/python3.6/site-packages /usr/lib/python3.6/site-packages/__pycache__ /usr/lib/python3.6/site-packages/__pycache__/flawfinder.cpython-36.opt-1.pyc /usr/lib/python3.6/site-packages/__pycache__/flawfinder.cpython-36.pyc /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/PKG-INFO /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/SOURCES.txt /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/dependency_links.txt /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/entry_points.txt /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/top_level.txt /usr/lib/python3.6/site-packages/flawfinder-2.0.19-py3.6.egg-info/zip-safe /usr/lib/python3.6/site-packages/flawfinder.py /usr/share/doc/packages/flawfinder /usr/share/doc/packages/flawfinder/ChangeLog /usr/share/doc/packages/flawfinder/README.md /usr/share/doc/packages/flawfinder/flawfinder.ps /usr/share/licenses/flawfinder /usr/share/licenses/flawfinder/COPYING /usr/share/man/man1/flawfinder.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 17:06:41 2024