Call for real-world scenarios prevented by RB practices

Bernhard M. Wiedemann bernhardout at lsmod.de
Thu Mar 24 10:32:24 UTC 2022



On 22/03/2022 13.46, Chris Lamb wrote:
> Just wondering if anyone on this list is aware of any real-world
> instances where RB practices have made a difference and flagged
> something legitimately "bad"?

Maybe not "bad" as in "malicious", but certainly I detected and fixed
some bad quality issues in openSUSE over the years.

Some where corrupted data made it into packages:
https://bazaar.launchpad.net/~intltool/intltool/trunk/revision/748
http://lists.gnu.org/archive/html/bug-bash/2018-07/msg00010.html
https://bugzilla.opensuse.org/show_bug.cgi?id=1192192
https://bugzilla.opensuse.org/show_bug.cgi?id=1103093

https://gitlab.gnome.org/GNOME/libxslt/-/issues/37
notable because the maintainer wrote:
> I'm still puzzled why it took so long to discover this issue

Also a bunch of year 2020 bugs such as
https://rt.cpan.org/Public/Bug/Display.html?id=124543
https://rt.cpan.org/Public/Bug/Display.html?id=124524


and https://bugzilla.opensuse.org/show_bug.cgi?id=1100677 has a whole
class with a dozen members. Most of those could have caused crashes on
older user machines.


Ciao
Bernhard M.