clisp.x86_64: W: call-to-mktemp /usr/lib64/clisp-2.49.92/dynmod/lib-linux.so clisp.x86_64: W: call-to-mktemp /usr/lib64/clisp-2.49.92/full/lisp.run This executable calls mktemp. As advised by the manpage (mktemp(3)), this function should be avoided. Some implementations are deeply insecure, and there is a race condition between the time of check and time of use (TOCTOU). See http://capec.mitre.org/data/definitions/29.html for details, and contact upstream to have this issue fixed. clisp.src:58: W: macro-in-comment %endif clisp.src:56: W: macro-in-comment %ifarch clisp.src:168: W: macro-in-comment %{optflags} There is a unescaped macro after a shell style comment in the specfile. Macros are expanded everywhere, so check if it can cause a problem in this case and escape the macro with another leading % if appropriate. clisp.x86_64: W: missing-call-to-chdir-with-chroot /usr/lib64/clisp-2.49.92/base/lisp.run clisp.x86_64: W: missing-call-to-chdir-with-chroot /usr/lib64/clisp-2.49.92/dynmod/lib-linux.so clisp.x86_64: W: missing-call-to-chdir-with-chroot /usr/lib64/clisp-2.49.92/full/lisp.run This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. clisp-doc.noarch: W: no-version-in-last-changelog clisp.src: W: no-version-in-last-changelog clisp.x86_64: W: no-version-in-last-changelog The latest changelog entry doesn't contain a version. Please insert the version that is coherent with the version of the package and rebuild it. clisp.x86_64: W: non-executable-script /usr/lib64/clisp-2.49.92/build-aux/install-sh 644 /bin/sh This text file contains a shebang or is located in a path dedicated for executables, but lacks the executable bits and cannot thus be executed. If the file is meant to be an executable script, add the executable bits, otherwise remove the shebang or move the file elsewhere. 3 packages and 0 specfiles checked; 0 errors, 12 warnings.