Bug 2028876

Summary: Review Request: python-volatility3 - The volatile memory extraction framework
Product: [Fedora] Fedora Reporter: Sandipan Roy <saroy>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: code, package-review
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-12-09 06:59:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 182235    

Description Sandipan Roy 2021-12-03 16:17:58 UTC 
Spec URL: https://github.com/ByteHackr/volatility3-fedora-rpm/blob/main/python-volatility3.spec

SRPM URL: https://github.com/ByteHackr/volatility3-fedora-rpm/blob/main/python-volatility3-1.0.1-1.fc35.src.rpm

Description: Volatility is the world's most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research.

Fedora Account System Username: bytehackr

https://download.copr.fedorainfracloud.org/results/bytehackr/Security-Tools/fedora-34-i386/03004326-python-volatility3/fedora-review/review.txt

https://copr.fedorainfracloud.org/coprs/bytehackr/Security-Tools/build/3004326/
Comment 1 Ben Beasley 2021-12-09 00:51:50 UTC 
The fedora-legal mailing list thread linked in the spec file, https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/thread/OHECHDPLDJ7LLFUZXQMBBAXEXYTQMXOR/, concluded that the license was not acceptable in Fedora.

A previous review request by a different packager, https://bugzilla.redhat.com/show_bug.cgi?id=1767234, was closed for this reason.

It seems like this is a clear-cut case of “the license is bad,” but I’m setting NEEDINFO just in case I missed something.
Comment 2 Sandipan Roy 2021-12-09 06:59:39 UTC 
Ok, I will close the request as per the discussion and the license is not matching with fedora guideline.