Main Inclusion Report for sourcepackage


  1. Availability:; available for all supported architectures.

  2. Rationale:

  3. Security:

    • CVE entries: this is a nightmare...

    • Secunia history: another nightmare on elm street.

    • Any binaries running as root or suid/sgid ? Any daemons ?
      • yes. there is a daemon running.
    • Network activity: does it open any port ? Does it handle incoming network data ?
      • Given the nature of the package...
    • Any source code review performed ? (The approver will do a quick and shallow check.)
      • no.
  4. Quality assurance:

    • In what situations does the package not work out of the box without configuration ?
      • afaict it works out of the box. it seems to have sane defaults. Can't test all the options in my environment.
    • Does the package ask any debconf questions higher than priority 'medium' ?
      • yes depending on how the config autodetection goes.
    • Debian bugs: several bugs are there at different severities. Most worring is the SIG11 and endian issues.

    • Maintenance in Debian is vigorous

    • Upstream is vigorous

    • Hardware: Does this package deal with hardware and if so how exotic is it ?
      • none.
  5. Standards compliance:

    • FHS, Debian Policy.

      • Package looks FHS compliant. Tons of lintian errors some of which are a bit annoying and bad debconf usage.
    • Debian library packaging guide standards compliance ?

      • Interesting way of shipping libraries.... at best.
    • Packaging system (debhelper/cdbs/dbs) ? Patch system ? Any packaging oddities ?
      • debhelper. patches are inline (diff.gz). Package is complex and requires deep understanding.
  6. Dependencies:

    • Build-deps on gs-common and libprelude-dev that are in universe.
    • Depends on libprelude2 that is in universe.


MIR bug:

The author of this report should put their name here; reviewers will add comments etc. too


MainInclusionReportSnort (last edited 2008-08-06 16:33:11 by localhost)