<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hello Lukas (and team),</p>
<p>Many thanks for the good review and the corrections you pointed
out.</p>
<p>dnsrecon is hopefully ready for upload but ncrack is not ready to
be built with openssl 1.1 so it will surely be removed.</p>
<p>Time ago, I asked upstream to adapt it but the work isn't done,
yet.</p>
<p>Greetings, <br>
</p>
<p>Marcos<br>
</p>
<p> <br>
</p>
<br>
<div class="moz-cite-prefix">El 05/11/17 a las 13:30, Lukas
Schwaighofer escribió:<br>
</div>
<blockquote type="cite" cite="mid:20171105133034.3f931134@localhost">
<pre wrap="">Hi Marcos,
On Sun, 5 Nov 2017 12:32:11 +0100
Marcos Fouces <a class="moz-txt-link-rfc2396E" href="mailto:marcos.fouces@gmail.com"><marcos.fouces@gmail.com></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I prepared new releases for dnsrecon and ncrack. Please, point out
corrections needed or directly upload them.
</pre>
</blockquote>
<pre wrap="">
I took a look and found a few things :
dnsrecon:
* There is a new lintian pedantic tag
"file-contains-trailing-whitespace" which has a few hits you might
want to correct
* Upstream's README.md is really the changelog; I think you should
remove debian/dnsrecon.docs and instead add something like this to
debian/rules:
override_dh_installchangelogs:
dh_installchangelogs README.md
This will install the upstream changelog in the location preferred by
policy [1]. Also avoids a lintian warning that the upstream
changelog is missing.
* Since your helper script changes the current working directory, all
options that allow specifying a file do not work as expected (e.g.
--db, --xml, --csv, --dictionary): Any files given as a relative
path will be relative to /usr/share/dnsrecon which is quite
unexpected. I think you should install the main python script
to /usr/bin/ directly and patch it so it can load the components
from its "lib" module.
ncrack:
* Also some trailing whitespaces.
* debian/copyright needs *a lot* of work. It's very incomplete, e.g.
claiming that anything under opensshlib/* is under the GPL-2+ with
nmap exception as well (and the license clearly states "version 2",
so the "+" should probably be dropped). I know this part of the work
is no fun at all :( .
- This is really an RC bug, as we violate the terms of the license by
distributing the binary packages without the copyright.
- By the way, the format link is preferred to be https since policy
version 4.0.0
* debian/watch could be extended to check upstream's gpg signature.
Signatures can be found here: <a class="moz-txt-link-freetext" href="https://nmap.org/ncrack/dist/sigs/">https://nmap.org/ncrack/dist/sigs/</a>
* the package does not create a dbgsym package, because upstream build
system strips the debug information away. Add "STRIP=/bin/true" to
dh_auto_configure (after --prefix=/usr) to avoid that.
Regards
Lukas
[1] <a class="moz-txt-link-freetext" href="https://www.debian.org/doc/debian-policy/#changelog-files">https://www.debian.org/doc/debian-policy/#changelog-files</a>
</pre>
</blockquote>
<br>
</body>
</html>