MainInclusionReportJACK
|
Size: 3148
Comment: Mostly finished Security and QA
|
Size: 3145
Comment: found the bugtracker :)
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 26: | Line 26: |
| * [http:// Upstream bug tracker]: TODO can't seem to find the bugtracker (?) (mention any particularly relevant or critical) | * [http://trac.jackaudio.org/jack/ Upstream bug tracker]: nothing particularly relevant or critical there either it seems |
Main Inclusion Report for jack-audio-connection-kit
Note: when writing a report this template should be vigorously edited; as a rule of thumb, every individual point should be replaced with a description of the actual situation in the package in question. The purpose of the report is to convey information to the reviewer, so there is no problem with varying the text in the bullet items, or with adding additional information.
Please be informative, and in particular be thorough in investigating and explaining any weaknesses and problems with the package. The purpose of the report is to show to the reviewer that the package has been properly investigated, and to give the reviewer the information from that investigation, for their decision.
Requirements
Availability: [http://archive.ubuntu.com/ubuntu/pool/universe/j/jack-audio-connection-kit]; Available for all supported architectures.
Rationale:
- Build dependency of the 'jack' alsa plugin (now disabled in libasound2-plugins)
Security:
No [http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jack CVE entries] known.
No [http://secunia.com/search/?search=jack Secunia history] known
- Only binaries in jackd, none of which are suid/sgid: realtime capabilities are nowadays granted to users/groups though /etc/security/limits.conf
- jackd is of course a daemon, but is not automatically started on startup
- jackd does not listen for network connections itself - it requires the installation of a separately available 'netjack' driver for this.
- No source code review is performed that we know of.
Quality assurance:
- Jack needs some audio output device to connect to in order to start. This might fail if such a device is not available, or if another process is keeping a device occupied that does not support multiple concurrent connections.
- Jack does not ask any debconf questions.
[http://bugs.debian.org/src:jack Debian bugs]: only wishlist items are open right now.
[http://packages.qa.debian.org/j/jack.html Maintenance in Debian] is calm
[http://jackaudio.org Upstream] is calm
[http://trac.jackaudio.org/jack/ Upstream bug tracker]: nothing particularly relevant or critical there either it seems
Standards compliance:
[http://www.pathname.com/fhs/ FHS], [http://www.de.debian.org/doc/debian-policy/ Debian Policy] compliance ?
[http://www.netfort.gr.jp/~dancer/column/libpkg-guide/libpkg-guide.html Debian library packaging guide] standards compliance ?
- Packaging system (debhelper/cdbs/dbs) ? Patch system ? Any packaging oddities ?
Dependencies:
- ...
- Are these all in main ?
Background information:
- The general purpose and context of the package should be clear from the package's debian/control file. If it isn't then please explain.
- What do upstream call this software ? Has it had different names in the past ?
Reviewers
MIR bug: [https://bugs.launchpad.net/BUGNUMBER]
The author of this report should put their name here; reviewers will add comments etc. too
MainInclusionReportJACK (last edited 2010-03-16 12:37:56 by 189)