id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,irc_client,os,os_version 1280,RPMLint issue call-to-mktemp,anonymous,,"I get this warning when doing builds for lates 3.5 release. {{{ [ 41s] ... removing all built rpms [ 41s] (order: reverse bitlbee bitlbee-devel bitlbee-debuginfo bitlbee-debugsource bitlbee-doc) [ 41s] Failed to connect to bus: No such file or directory [ 42s] [ 42s] RPMLINT report: [ 42s] =============== [ 42s] bitlbee.x86_64: W: call-to-mktemp /usr/sbin/bitlbee [ 42s] This executable calls mktemp. As advised by the manpage (mktemp(3)), this [ 42s] function should be avoided. Some implementations are deeply insecure, and [ 42s] there is a race condition between the time of check and time of use (TOCTOU). [ 42s] See http://capec.mitre.org/data/definitions/29.html for details, and contact [ 42s] upstream to have this issue fixed. [ 42s] [ 42s] bitlbee.x86_64: I: binary-or-shlib-calls-gethostbyname /usr/sbin/bitlbee [ 42s] The binary calls gethostbyname(). Please port the code to use getaddrinfo(). [ 42s] [ 42s] 4 packages and 0 specfiles checked; 0 errors, 1 warnings. }}} Also maybe gethostbyname() -> getaddrinfo() should be taken care ",defect,new,minor,,BitlBee,Unspecified,,mktemp,,Client-independent,Linux,openSUSE