/flawfinder, Python program to find flaws in C/C++ programs
Version: 1.31, Package name: flawfinder-1.31, Maintainer: pkgsrc-users
flawfinder is a program that examines source code and reports
possible security weaknesses (``flaws'') sorted by risk level. It's
very useful for quickly finding and removing at least some potential
security problems before a program is widely released to the public.
Version history:
- (2015-03-11) Updated to version: flawfinder-1.31
- (2014-05-17) Updated to version: flawfinder-1.27nb4
- (2012-03-15) Updated to version: flawfinder-1.27nb3
- (2010-02-11) Updated to version: flawfinder-1.27nb2
- (2009-02-10) Updated to version: flawfinder-1.27nb1
- (2007-01-18) Updated to version: flawfinder-1.27
CVS history:
| 2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
| 2015-03-11 01:51:06 by Makoto Fujiwara | Files touched by this commit (2) |
- Add LICENSE= gnu-gpl-v2
- Update 1.27 to 1.31
2014-08-03 David A. Wheeler <dwheeler, at, dwheeler.com>
* Release version 1.31, a set of small improvements mostly CWE-related.
* Note that flawfinder is officially CWE-compatible.
* Support GNU make install conventions (prefix, bindir, DESTDIR, etc.).
The older program-specific conventions are still supported, but
the documentation emphasizes using the standard conventions instead.
* Simplified installation text.
* Added more wide character function rules.
* Add reference to info at \
* Document that hitlists should be trusted to be loaded or diffed.
These are implemented using Python's pickle module, and that module
presumes the data is from a trustworthy source. In the expected
use case this is fine... but it needed to be documented.
* Tweak/improve mappings to CWE. E.G., strlen()
better maps to CWE-126 (buffer over-read). In a few cases the
CWE mappings weren't reported as such; that is now fixed.
CWEs are actually a hierarchy; expose a little of this so
people can more easily search on them.
* Improved error detection and reporting. In particular, error
messages are sent to standard errors, filenames listed but
non-existent trigger a separate warning, and there's a warning
about non-existent filenames listed on the command line that
begin with the UTF-8 long dash sequence (users might not notice
the difference between long dash and dash, and this can happen
in some cases when copying and pasting).
* Add "-H" option as synonym for "--html".
2014-07-19 David A. Wheeler <dwheeler, at, dwheeler.com>
* Release 1.29, primarily for CWE improvements.
* Multi-line formatting is faster and formats better.
* Documentation about CWEs has been improved.
* HTML format includes links from CWE identifiers to their definitions.
* Tweak CWE mappings, e.g., strlen maps to CWE-126 (buffer over-read).
* Option "--listrules" now gives default warning and is \
* Regression test suite now also tests the generated HTML.
2014-07-13 David A. Wheeler <dwheeler, at, dwheeler.com>
* Release 1.28
* Common Weakness Enumeration (CWE) references are
now included in most hits
* Handle files not ending in newline (thanks to Alexis Wilke)
* Documentation clarifications
* Added support for "git diff" in patchfile processing
* Handles unbalanced double-quotes in sprintf
* Fix incorrect time executed report
* Fix bug to allow "flawfinder ." (fix bug#3)
* Fix ignore directive when filenames differ (fix bug#6)
| 2014-05-17 18:10:50 by Thomas Klausner | Files touched by this commit (152) |
Bump applications PKGREVISIONs for python users that might be using
python3, since the default changed from python33 to python34.
I probably bumped too many. I hope I got them all.
| 2014-01-25 11:45:22 by Thomas Klausner | Files touched by this commit (94) |
No need to have two variables for the same logic.
Replace PYTHON_PATCH_SCRIPTS with REPLACE_PYTHON.
| 2012-10-23 20:17:02 by Aleksej Saushev | Files touched by this commit (368) |
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
| 2012-03-15 12:53:45 by OBATA Akio | Files touched by this commit (170) |
Bump PKGREVISION from default python to 2.7.
| 2010-02-10 20:17:48 by Joerg Sonnenberger | Files touched by this commit (205) |
Bump revision for PYTHON_VERSION_DEFAULT change.
| 2010-01-27 18:21:29 by Joerg Sonnenberger | Files touched by this commit (1) |