Package: forensics-all
Version: 1.6
Severity: important
Hi,
the new forensics-all metapackage at version 1.6 pulls in
grr-server. grr-server is the server side of an incident response
framework. It is surely not meant for what forensics-all is meant
according to the package description:
> This package provides the core components for a forensics
> environment. […] This metapackage includes the most programs to data
> recovery, rootkit and exploit search, filesystems and memory
> analysis, image acquisition, volume inspection, special actions over
> the hardware and many other activities. […] This package is useful
> for pentesters, ethical hackers and forensics experts.
From my point of view, grr-server is surely wrong in this metapackage,
not only because of its purpose but also because such a metapackage
should never hard-depend on any packages which start daemons or server
software.
Please either move the dependency on grr-server to one of the other
(maybe more fitting) forensic metapackages or at least downgrade the
dependency to a "Recommends" if not "Suggests".
Setting the severity to "important" as this makes this metapackage
more or less unusable, at least IMHO. (Feel free to downgrade if you
disagree.)
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'),
(500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'), (1,
'buildd-experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.11.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages forensics-all (1.5) depends on:
ii aesfix 1.0.1-5
ii aeskeyfind 1:1.0-4
ii afflib-tools 3.7.15-1
ii bruteforce-salted-openssl 1.3.3-1
ii cewl 5.3-1
ii chaosreader0.96-2
ii crack-md5 [crack] 5.0a-11
ii dc3dd 7.2.646-1
ii dislocker 0.6.1-7
ii ed2k-hash 0.3.3+deb2-3
ii ewf-tools 20140608-6+b2
ii exifprobe 2.0.1-11
ii ext3grep 0.10.2-3+b1
ii ext4magic 0.3.2-7
ii extundelete0.2.4-1+b2
ii fcrackzip 1.0-8
ii forensics-colorize 1.1-2
ii galleta1.0+20040505-8
ii gpart 1:0.3-3
ii grokevt0.4.1-10
ii guymager 0.8.3-1
ii hashrat1.8.7+dfsg-2
ii mac-robber 1.02-5
ii magicrescue1.1.9-4
ii memdump1.01-7+b1
ii metacam1.2-9
ii missidentify 1.0-8
ii myrescue 0.9.4-9
ii nasty 0.6-3
ii outguess 1:0.2-8
ii pasco 20040505-2
ii pff-tools 20120802-5+b2
ii pipebench 0.40-4
ii plaso 1.5.1+dfsg-3
ii pompem 0.2.0-2
ii recoverdm 0.20-4
ii recoverjpeg2.6.1-1
ii reglookup 1.0.1+svn287-6
ii rekall-core1.6.0+dfsg-2
ii rephrase 0.2-2
ii rifiuti20040505-1
ii rifiuti2 0.6.1-5
ii rkhunter 1.4.4-1
ii rsakeyfind 1:1.0-4
ii safecopy 1.7-2
ii scalpel1.60-4
ii scrounge-ntfs 0.9-8
ii shed 1.15-3+b1
ii sleuthkit 4.4.0-5
ii ssdeep 2.13-3
ii steghide 0.5.1-12
ii tableau-parm 0.2.0-4
ii undbx 0.21-1
ii unhide 20130526-1
ii unhide.rb 22-2
ii vinetto1:0.07-7
ii volatility 2.6-1
ii volatility-tools 2.6-1
ii winregfs 0.7-1
ii wipe 0.24-2
ii yara 3.6.2+dfsg-4
Versions of packages forensics-all recommends:
ii hashdeep 4.4-4
Versions of packages forensics-all suggests:
pn forensics-extra
pn forensics-extra-gui
pn forensics-full
-- no debconf information