Bug#1068773: Subject: blhc: Stack clash and branch protection flag issues in Debian Bookworm and older releases

2024-04-10 Thread aquilamacedo
Package: blhc
X-Debbugs-Cc: car...@debian.org, aquilamac...@riseup.net
Version: 0.13-5
Severity: normal

Dear Maintainer,

I am writing to report an issue that has been observed during the Salsa
CI process for Debian Bookworm and older releases. The problem arises
when checking for stack clash protection (-fstack-clash-protection) and
branch protection (amd64: -fcf-protection, arm64:
-mbranch-protection=standard). These checks were requested by Emanuele
Rocca (Debian Bug #1050909 and #1050912).

The issue manifests as a compilation error. For instance, you can see
the error in this job:
https://salsa.debian.org/kernel-team/linux/-/jobs/5496461.

The issue was first noticed by @carnil during a routine check. The error
message indicates that the CFLAGS are missing (-fstack-clash-protection
-fcf-protection).

The ${RELEASE} variable in the context of this issue refers to the
specific Debian release being used during the Salsa CI process. One
potential solution that has been considered is to ensure that
blhc:${RELEASE} correctly handles the flags for each release. This
approach could alleviate the compilation errors and ensure consistency
across different Debian releases.

For more details, you can check the issue in the Salsa CI repository at
https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/340

Before proceeding with any changes, I would appreciate your input on
this matter. Specifically, do you think it would be sensible to use blhc
from each release? Your insights would be greatly appreciated.

Cheers,



Bug#1067515: ITP: waymore -- Tool to discover extensive data from online archives

2024-03-22 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: waymore
  Version : 3.7
  Upstream Contact: @xnl-h4ck3r
* URL : https://github.com/xnl-h4ck3r/waymore
* License : Expat
  Programming Lang: Python3
  Description : Tool to discover extensive data from online archives

waymore is a versatile tool designed to extract comprehensive information
from various sources including the Wayback Machine, Common Crawl, Alien Vault
OTX, URLScan, and VirusTotal. Whether you're searching for historical web data
or analyzing security threats, waymore provides a seamless experience with its
intuitive interface and extensive features.

I'm writing to submit an Intention to Package (ITP) for waymore
under the pkg-security team's umbrella.



Bug#1066829: ITP: assetfinder -- Find domains and subdomains related to a given domain

2024-03-13 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: assetfinder
  Version : 0.1.1
  Upstream Contact: Tom Hudson 
* URL : https://github.com/tomnomnom/assetfinder
* License : MIT 
  Programming Lang: Golang
  Description : Find domains and subdomains related to a given domain

assetfinder is a command-line tool to find domains and subdomains
potentially related to a specified domain. Enhances domain discovery for
comprehensive analysis.

I'm writing to submit an Intention to Package (ITP) for assetfinder
under the pkg-security team's umbrella.



Bug#1065812: ITP: paramspider -- Mining parameters from dark corners of Web Archives

2024-03-09 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: paramspider
  Version : 1.0.1
  Upstream Contact: Devansh Batham 
* URL : https://github.com/devanshbatham/ParamSpider
* License : MIT
  Programming Lang: Python3
  Description : Mining parameters from dark corners of Web Archives

paramspider allows you to fetch URLs related to any domain or a list
of domains from Wayback Archives. It filters out "boring" URLs, allowing
you to focus on the ones that matter the most.

I'm writing to submit an Intention to Package (ITP) for paramspider
under the pkg-security team's umbrella.



Bug#1065673: ITP: httprobe -- Take a list of domains and probe for working HTTP and HTTPS servers

2024-03-08 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: httprobe
  Version : 0.2
  Upstream Contact: Tom Hudson 
* URL : https://github.com/tomnomnom/httprobe
* License : MIT
  Programming Lang: Golang
  Description : Take a list of domains and probe for working HTTP and HTTPS servers

httprobe is a versatile tool designed for probing and identifying
working HTTP and HTTPS servers from a list of domains.

I'm writing to submit an Intention to Package (ITP) for httprobe under
the pkg-security team's umbrella.



Bug#1065670: ITP: exiflooter -- finds geolocation on all image urls and directories

2024-03-08 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: exiflooter
  Version : 1.0.0+git20231228.22e4700
  Upstream Contact: Yunus AYDIN 
* URL : https://github.com/aydinnyunus/exiflooter
* License : Apache-2.0
  Programming Lang: Golang
  Description : finds geolocation on all image urls and directories

ExifLooter finds geolocation on all image URLs and directories, and also
integrates with OpenStreetMap.

I'm writing to submit an Intention to Package (ITP) for exiflooter
under the pkg-security team's umbrella.



Bug#1065669: ITP: raven -- A lightweight http file upload service used for penetration testing and incident response.

2024-03-08 Thread aquilamacedo
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org
Owner: Aquila Macedo Costa 
Severity: wishlist

* Package name: raven
  Version : 1.0.1
  Upstream Contact: Tristram 
* URL : https://github.com/gh0x0st/raven
* License : MIT
  Programming Lang: Python3
  Description : A lightweight http file upload service used for penetration testing and incident response.

This package contains a Python tool that extends the capabilities of the
http.server Python module by offering a self-contained file upload web
server. While the common practice is to use python3 -m http.server 80 to
serve files for remote client downloads, Raven addresses the need for a
similar solution when you need the ability to receive files from remote
clients. This becomes especially valuable in scenarios such as penetration
testing and incident response procedures when protocols such as SMB may not
be a viable option.

I'm writing to submit an Intention to Package (ITP) for raven
under the pkg-security team's umbrella.