** Description changed: == Requirements == [Availability] Currently in universe. Package in LP: https://launchpad.net/ubuntu/+source/ledmon Upstream: https://github.com/intel/ledmon [Rationale] 1.OEM projects needs to include ledmon for VROC suport (LP: #1759225) 2.Intel still maintains upstream for that (LP: #1668126) 3.Dependencies already in main. [Security] No security issues exposed so far. We may need to rely on Intel to be aware of upstream commits for security fixes. [Quality Assurance] 1.No debconf questions 2.No outstanding bugs 3.I can help to make sure the consistency for status of important bugs in Debian's/Ubuntu's, and upstream's bug (on github). 4.Ledmon only supports Intel related storage controller (e.g. AHCI/iSCSI/VMD controller) 5.No test suite shipped with ledmon 6.No dependencies with obsolete or demoted packages [UI standards] 1.This is a CLI tool/daemon service. It has normal CLI style short help and man pages. (man ledmon/ledctl) 2.No desktop file required as it is a backend tool. [Dependencies] build-depends: perl (main), libsgutils2-dev (main), libudev-dev (main) binary-depends: openipmi (main) [Standards Compliance] The package should meet the FHS and Debian Policy standards. [Maintenance] - Package owning team: The foundation team (we're discussed this recently and give them a notify) + Package owning team: The Foundations team Debian package maintained by Daniel Jared Dominguez (but seems he didn't maintain the latest one: currently the version 0.90 on upstream and it's 0.79-2 on debian) https://tracker.debian.org/pkg/ledmon [Background Information] ledmon and ledctl are userspace tools designed to control storage enclosure LEDs. The user must have root privileges to use these tools. These tools use the SGPIO and SES-2 protocols to monitor and control LEDs. They been verified to work with Intel(R) storage controllers (i.e. the Intel(R) AHCI controller) and have not been tested with storage controllers of other vendors (especially SAS/SCSI controllers). For backplane enclosures attached to ISCI controllers, support is limited to Intel(R) Intelligent Backplanes. == Security checks == 1.http://cve.mitre.org/cve/search_cve_list.html: Search in the National Vulnerability Database using the package as a keyword - * There are 0 CVE entries that match your search. + * There are 0 CVE entries that match your search. - 2.Check OSS security mailing list (feed 'site:www.openwall.com/lists/oss-security <pkgname>' into search engine) - * No security issue found + 2.Check OSS security mailing list (feed 'site:www.openwall.com/lists/oss-security <pkgname>' into search engine) + * No security issue found 3.Ubuntu CVE Tracker - http://people.ubuntu.com/~ubuntu-security/cve/main.htm - * No - http://people.ubuntu.com/~ubuntu-security/cve/universe.html - * No - http://people.ubuntu.com/~ubuntu-security/cve/partner.html - * No + http://people.ubuntu.com/~ubuntu-security/cve/main.htm + * No + http://people.ubuntu.com/~ubuntu-security/cve/universe.html + * No + http://people.ubuntu.com/~ubuntu-security/cve/partner.html + * No - 4.Check for security relevant binaries. If any are present, this requires a more in-depth security review. - * Executables which have the suid or sgid bit set. - No - * Executables in /sbin, /usr/sbin. - Yes - * Packages which install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*) - No - * Packages which open privileged ports (ports < 1024). - No - * Add-ons and plugins to security-sensitive software (filters, scanners, UI skins, etc) - No + 4.Check for security relevant binaries. If any are present, this requires a more in-depth security review. + * Executables which have the suid or sgid bit set. + No + * Executables in /sbin, /usr/sbin. + Yes + * Packages which install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*) + No + * Packages which open privileged ports (ports < 1024). + No + * Add-ons and plugins to security-sensitive software (filters, scanners, UI skins, etc) + No
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1794219 Title: [MIR] ledmon To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1794219/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
