{"tags": [{"severity": "info", "package": "spawn-fcgi", "tag": "bash-term-in-posix-shell", "explanation": "This script is marked as running under /bin/sh, but it seems to use a\nfeature found in bash but not in the SUSv3 or POSIX shell specification.\n\nSome examples are:\n\n- == in a test, it should use = instead - read without a variable in the\nargument - function to define a function - source instead of . - . command\nargs, passing arguments to commands via source is not supported -\n{foo,bar} instead of foo bar - [[ test ]] instead of [ test ] (requires a\nKorn shell) - type instead of which or command -v\n\nVisibility: info\nShow-Always: no\nCheck: shell/non-posix/bash-centric", "comment": "", "note": "'&>'", "pointer": "usr/share/doc/spawn-fcgi/examples/spawn-fcgi_launcher:46"}, {"severity": "info", "package": "spawn-fcgi", "tag": "bash-term-in-posix-shell", "explanation": "", "comment": "", "note": "'&>'", "pointer": "usr/share/doc/spawn-fcgi/examples/spawn-fcgi_launcher:53"}, {"severity": "info", "package": "spawn-fcgi", "tag": "hardening-no-bindnow", "explanation": "This package provides an ELF binary that lacks the \"bindnow\" linker flag.\n\nThis is needed (together with \"relro\") to make the \"Global Offset Table\"\n(GOT) fully read-only. The bindnow feature trades startup time for\nimproved security. Please consider enabling this feature or consider\noverriding the tag (possibly with a comment about why).\n\nIf you use dpkg-buildflags, you may have to add hardening=+bindnow or\nhardening=+all to DEB_BUILD_MAINT_OPTIONS.\n\nThe relevant compiler flags are set in LDFLAGS.\n\nPlease refer to https://wiki.debian.org/Hardening for details.\n\nVisibility: info\nShow-Always: no\nCheck: binaries/hardening", "comment": "", "note": "", "pointer": "usr/bin/spawn-fcgi"}, {"severity": "pedantic", "package": "spawn-fcgi", "tag": "maintainer-script-without-set-e", "explanation": "The maintainer script passes -e to the shell on the #! line rather than\nusing set -e in the body of the script. This is fine for normal operation,\nbut if the script is run by hand with sh /path/to/script (common in\ndebugging), -e will not be in effect. It's therefore better to use set -e\nin the body of the script.\n\nPlease refer to Scripts (Section 10.4) in the Debian Policy Manual for\ndetails.\n\nVisibility: pedantic\nShow-Always: no\nCheck: scripts", "comment": "", "note": "", "pointer": "preinst"}, {"severity": "experimental", "package": "spawn-fcgi", "tag": "spelling-error-in-binary", "explanation": "Lintian found a spelling error in the given binary. Lintian has a list of\ncommon misspellings that it looks for. It does not have a dictionary like\na spelling checker does.\n\nIf the string containing the spelling error is translated with the help of\ngettext or a similar tool, please fix the error in the translations as\nwell as the English text to avoid making the translations fuzzy. With\ngettext, for example, this means you should also fix the spelling mistake\nin the corresponding msgids in the *.po files.\n\nYou can often find the word in the source code by running:\n\ngrep -rw <word> <source-tree>\n\nThis tag may produce false positives for words that contain non-ASCII\ncharacters due to limitations in strings.\n\nVisibility: pedantic\nShow-Always: no\nCheck: binaries/spelling\nThis tag is experimental.", "comment": "", "note": "childs children", "pointer": "usr/bin/spawn-fcgi"}, {"severity": "classification", "package": "spawn-fcgi", "tag": "control-tarball-compression-format", "explanation": "This is the compressor format used for the control.tar tarball.\n\nVisibility: classification\nShow-Always: no\nCheck: deb-format\nThis tag is a classification. There is no issue in your package.", "comment": "", "note": "xz", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "ctrl-script", "explanation": "This package has one or more maintainer scripts (or other executable\ncontrol files).\n\nThis flags any control file with the executable bit set.\n\nVisibility: classification\nShow-Always: no\nCheck: control-files\nThis tag is a classification. There is no issue in your package.", "comment": "", "note": "", "pointer": "preinst"}, {"severity": "classification", "package": "spawn-fcgi", "tag": "data-tarball-compression-format", "explanation": "This is the compressor format used for the data.tar tarball.\n\nVisibility: classification\nShow-Always: no\nCheck: deb-format\nThis tag is a classification. There is no issue in your package.", "comment": "", "note": "xz", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "mail-contact", "explanation": "", "comment": "", "note": "Maintainer \"J\u00e9r\u00e9my Lal\" <kapouer@melix.org>", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "maintainer-script-interpreter", "explanation": "Interpreter used in maintainer script or ELF\n\nVisibility: classification\nShow-Always: no\nCheck: scripts\nThis tag is a classification. There is no issue in your package.", "comment": "", "note": "/bin/sh", "pointer": "preinst"}, {"severity": "classification", "package": "spawn-fcgi", "tag": "package-is-maintained-by-individual", "explanation": "", "comment": "", "note": "", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Architecture amd64", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Depends libc6 (>= 2.38)", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Description FastCGI process spawner\\n Allows FastCGI processes to be separated from web server process :\\n   * Easy creation of chmoded socket.\\n   * Privilege separation without needing a suid-binary,\\n     or running a server as root.\\n   * You can restart your web server and the FastCGI applications\\n     without restarting the others.\\n   * You can run them in different chroot()s.\\n   * Running your FastCGI applications doesn\u2019t depend on the web server\\n     you are running, which allows for easier testing of/migration\\n     to other web servers.", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Homepage http://redmine.lighttpd.net/projects/spawn-fcgi", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Installed-Size 55", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Maintainer J\u00e9r\u00e9my Lal <kapouer@melix.org>", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Package spawn-fcgi", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Priority optional", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Section web", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Version 1.6.7~snap-20250301-194725-ga82da4-0.2", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "control-tarball-compression-format", "explanation": "", "comment": "", "note": "xz", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "data-tarball-compression-format", "explanation": "", "comment": "", "note": "xz", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "mail-contact", "explanation": "", "comment": "", "note": "Maintainer \"J\u00e9r\u00e9my Lal\" <kapouer@melix.org>", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "no-ctrl-scripts", "explanation": "The package does not rely on any maintainer scripts (or other executable\ncontrol files).\n\nVisibility: classification\nShow-Always: no\nCheck: control-files\nThis tag is a classification. There is no issue in your package.", "comment": "", "note": "", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "package-is-maintained-by-individual", "explanation": "", "comment": "", "note": "", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Architecture amd64", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Auto-Built-Package debug-symbols", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Build-Ids c82b6edf616e72fead061df6a1fc1ccabb3a4f00", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Depends spawn-fcgi (= 1.6.7~snap-20250301-194725-ga82da4-0.2)", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Description debug symbols for spawn-fcgi", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Installed-Size 39", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Maintainer J\u00e9r\u00e9my Lal <kapouer@melix.org>", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Package spawn-fcgi-dbgsym", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Priority optional", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Section debug", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Source spawn-fcgi", "pointer": ""}, {"severity": "classification", "package": "spawn-fcgi-dbgsym", "tag": "trimmed-field", "explanation": "", "comment": "", "note": "Version 1.6.7~snap-20250301-194725-ga82da4-0.2", "pointer": ""}], "summary": {"tags_count_by_severity": {"error": 0, "warning": 0, "info": 3, "pedantic": 1, "experimental": 1, "overridden": 0, "classification": 33}, "package_filename": {"spawn-fcgi": "spawn-fcgi_1.6.7~snap-20250301-194725-ga82da4-0.2_amd64.deb", "spawn-fcgi-dbgsym": "spawn-fcgi-dbgsym_1.6.7~snap-20250301-194725-ga82da4-0.2_amd64.deb"}, "tags_found": ["bash-term-in-posix-shell", "control-tarball-compression-format", "ctrl-script", "data-tarball-compression-format", "hardening-no-bindnow", "mail-contact", "maintainer-script-interpreter", "maintainer-script-without-set-e", "no-ctrl-scripts", "package-is-maintained-by-individual", "spelling-error-in-binary", "trimmed-field"], "overridden_tags_found": [], "lintian_version": "2.122.0", "distribution": "debian:trixie"}, "version": 1}