I reviewed jemalloc 5.3.0-2build1 as checked into plucky. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
jemalloc is a general purpose malloc(3) implementation that emphasizes
fragmentation avoidance and scalable concurrency support.
- CVE History
- no C
I reviewed libva 2.22.0-3 as checked into plucky. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
libva is a Libva is an implementation for VA-API (Video Acceleration
API)
- CVE History
- Only one CVE appears to exist against this library
(CVE-2024-39
I just wanted to complement the review with a few remarks.
The recommendation I made about disabling the trace feature is more of
a precaution than anything else. It is a feature I believe it is
unnecessary to have in a production environment but I may be wrong. In
the end, if disabling the featur
