Comment 15 for bug 1026852

Jamie Strandboge (jdstrand) wrote :

MIR review for libprelude:
 * Builds fine with only main enabled
 * Has a test suite and it is enabled in the build
 * No Ubuntu delta
 * dh_makeshlibs is used, but not dh_makeshlibs -V (would be nice to have this in Debian)
 * Has debian/watch file
 * Update history is slow, but there isn't really much to do
 * The current release is not packaged. 1.0.1 is available but this only has 2 bug fixes
 * Will entering main make it harder for the people currently keeping it up to date? no-- should be able to just sync
 * Lintian warnings (lintian ../source/*dsc ../binary/*.deb)
 * Is debian/rules a mess? it's fine
 * there are warnings during the build, but they shouldn't be a problem (in the testsuite, setting variables but not using them, unused functions, etc)
 * Incautious use of malloc/sprintf: spot checked various places and it seems fine-- return codes are checked, string operations are ok
 * Uses of sudo (see audit-packaging.sh) or LD_LIBRARY_PATH (see audit-code.sh)
 * Important bugs (crashers, etc) in Debian or Ubuntu: no
 * Does the package have a CVE history? no
 * binaries are compiled with PIE
 * No initscripts/upstart jobs, dbus services, setuid/fscaps, sudo, cron jobs
 * use of chown() suggests privileged operations, but this seems under the control of the admin (ie, no network service processes untrusted input)

Nothing in this review suggests it needs a security audit. ACK