Revision 8 as of 2009-09-09 17:24:25

Clear message

= Main Inclusion Report for Jack-Audio-Connection-Kit (JACK)=


  1. Availability:; Available for all supported architectures.

  2. Rationale:

    • Build dependency of the 'jack' alsa plugin (now disabled in libasound2-plugins, see launchpad bugs 197957 and 84900)

    • ...
  3. Security:

    • No CVE entries known.

    • No Secunia history known

    • Only binaries in jackd, none of which are suid/sgid: realtime capabilities are nowadays granted to users/groups though /etc/security/limits.conf
    • jackd is of course a daemon, but is not automatically started on startup
    • jackd does not listen for network connections itself - it requires the installation of a separately available 'netjack' driver for this.
    • No source code review is performed that we know of.
  4. Quality assurance:

    • Jack needs some audio output device to connect to in order to start. This might fail if such a device is not available, or if another process is keeping a device occupied that does not support multiple concurrent connections.
    • Jack does not ask any debconf questions.
    • Debian bugs: only wishlist items are open right now.

    • Maintenance in Debian is calm

    • Upstream is calm

    • Upstream bug tracker: nothing particularly relevant or critical there either it seems

  5. Standards compliance:

  6. Dependencies:

    • ...
    • Are these all in main ?
  7. Background information:

    • The general purpose and context of the package should be clear from the package's debian/control file. If it isn't then please explain.
    • What do upstream call this software ? Has it had different names in the past ?


MIR bug:

The author of this report should put their name here; reviewers will add comments etc. too * Contributor: Arnout 'raboof' Engelen