MainInclusionReportSnort
Main Inclusion Report for sourcepackage
Requirements
Availability: [http://archive.ubuntu.com/ubuntu/pool/universe/s/snort]; available for all supported architectures.
Rationale:
Security:
[http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=snort CVE entries]: this is a nightmare...
[http://secunia.com/search/?search=snort Secunia history]: another nightmare on elm street.
- Any binaries running as root or suid/sgid ? Any daemons ?
- yes. there is a daemon running.
- Network activity: does it open any port ? Does it handle incoming network data ?
- Given the nature of the package...
- Any source code review performed ? (The approver will do a quick and shallow check.)
- no.
Quality assurance:
- In what situations does the package not work out of the box without configuration ?
- afaict it works out of the box. it seems to have sane defaults. Can't test all the options in my environment.
- Does the package ask any debconf questions higher than priority 'medium' ?
- yes depending on how the config autodetection goes.
[http://bugs.debian.org/src:snort Debian bugs]: several bugs are there at different severities. Most worring is the SIG11 and endian issues.
[http://packages.qa.debian.org/s/snort.html Maintenance in Debian] is vigorous
[http://www.snort.org/ Upstream] is vigorous
- Hardware: Does this package deal with hardware and if so how exotic is it ?
- none.
- In what situations does the package not work out of the box without configuration ?
Standards compliance:
[http://www.pathname.com/fhs/ FHS], [http://www.de.debian.org/doc/debian-policy/ Debian Policy].
- Package looks FHS compliant. Tons of lintian errors some of which are a bit annoying and bad debconf usage.
[http://www.netfort.gr.jp/~dancer/column/libpkg-guide/libpkg-guide.html Debian library packaging guide] standards compliance ?
- Interesting way of shipping libraries.... at best.
- Packaging system (debhelper/cdbs/dbs) ? Patch system ? Any packaging oddities ?
- debhelper. patches are inline (diff.gz). Package is complex and requires deep understanding.
Dependencies:
- Build-deps on gs-common and libprelude-dev that are in universe.
- Depends on libprelude2 that is in universe.
Reviewers
MIR bug: [https://bugs.launchpad.net/182806]
The author of this report should put their name here; reviewers will add comments etc. too