Control: tags 1140945 + patch
Control: tags 1140945 + pending

Dear maintainer,

I've prepared an NMU for dnsrecon (versioned as 1.3.1-3.1) and uploaded 
it to DELAYED/2. Please feel free to tell me if I should cancel it.

cu
Adrian
diffstat for dnsrecon-1.3.1 dnsrecon-1.3.1

 changelog                                                               |    7 
 patches/0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch |   28 +
 patches/0002-fix-432.patch                                              |  142 ++++++++++
 patches/series                                                          |    2 
 4 files changed, 179 insertions(+)

diff -Nru dnsrecon-1.3.1/debian/changelog dnsrecon-1.3.1/debian/changelog
--- dnsrecon-1.3.1/debian/changelog	2025-10-12 22:32:30.000000000 +0300
+++ dnsrecon-1.3.1/debian/changelog	2026-07-05 17:05:50.000000000 +0300
@@ -1,3 +1,10 @@
+dnsrecon (1.3.1-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Backport upstream fix for Python 3.14. (Closes: #1140945)
+
+ -- Adrian Bunk <[email protected]>  Sun, 05 Jul 2026 17:05:50 +0300
+
 dnsrecon (1.3.1-3) unstable; urgency=medium
 
   * Team upload.
diff -Nru dnsrecon-1.3.1/debian/patches/0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch dnsrecon-1.3.1/debian/patches/0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch
--- dnsrecon-1.3.1/debian/patches/0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch	1970-01-01 02:00:00.000000000 +0200
+++ dnsrecon-1.3.1/debian/patches/0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch	2026-07-05 17:04:23.000000000 +0300
@@ -0,0 +1,28 @@
+From b894f097796eaedd9729df012e590c16bcf1b9d5 Mon Sep 17 00:00:00 2001
+From: "J.Townsend" <[email protected]>
+Date: Sun, 27 Jul 2025 04:14:29 +0100
+Subject: Potential fix for code scanning alert no. 21: Regular expression
+ injection
+
+Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
+---
+ dnsrecon/lib/bingenum.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/dnsrecon/lib/bingenum.py b/dnsrecon/lib/bingenum.py
+index 0688b66..b6e225e 100644
+--- a/dnsrecon/lib/bingenum.py
++++ b/dnsrecon/lib/bingenum.py
+@@ -62,7 +62,8 @@ def scrape_bing(dom):
+ 
+         sock = urllib.request.urlopen(req, timeout=10)
+         data = sock.read().decode('utf-8')
+-        results.extend(re.findall(r'([a-zA-Z0-9\-.]+' + dom + ')/?', data))
++        safe_dom = re.escape(dom)
++        results.extend(re.findall(r'([a-zA-Z0-9\-.]+' + safe_dom + ')/?', data))
+         sock.close()
+         time.sleep(5)
+ 
+-- 
+2.47.3
+
diff -Nru dnsrecon-1.3.1/debian/patches/0002-fix-432.patch dnsrecon-1.3.1/debian/patches/0002-fix-432.patch
--- dnsrecon-1.3.1/debian/patches/0002-fix-432.patch	1970-01-01 02:00:00.000000000 +0200
+++ dnsrecon-1.3.1/debian/patches/0002-fix-432.patch	2026-07-05 17:04:23.000000000 +0300
@@ -0,0 +1,142 @@
+From 378f15cd0d80436f411c32e199c5d4ad281e5b46 Mon Sep 17 00:00:00 2001
+From: L1ghtn1ng <[email protected]>
+Date: Sun, 7 Dec 2025 05:03:09 +0000
+Subject: fix #432
+
+---
+ dnsrecon/lib/bingenum.py   | 34 +++++++++------------------
+ dnsrecon/lib/yandexenum.py | 47 +++++++++++++++++++-------------------
+ 2 files changed, 35 insertions(+), 46 deletions(-)
+
+diff --git a/dnsrecon/lib/bingenum.py b/dnsrecon/lib/bingenum.py
+index b6e225e..95cf426 100644
+--- a/dnsrecon/lib/bingenum.py
++++ b/dnsrecon/lib/bingenum.py
+@@ -15,15 +15,10 @@
+ 
+ import re
+ import time
+-import urllib.request
+ 
+-__name__ = 'bingenum'
+-
+-url_opener = urllib.request.FancyURLopener
++import httpx
+ 
+-
+-class AppURLopener(url_opener):
+-    version = 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)'
++__name__ = 'bingenum'
+ 
+ 
+ def scrape_bing(dom):
+@@ -48,24 +43,17 @@ def scrape_bing(dom):
+         '140',
+         '150',
+     ]
+-    urllib._urlopener = AppURLopener()
+ 
+-    for n in searches:
+-        url = 'https://www.bing.com/search?q=domain%3A' + dom + '&qs=n&first=' + n
+-        req = urllib.request.Request(
+-            url,
+-            data=None,
+-            headers={
+-                'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36'
+-            },
+-        )
++    headers = {'User-Agent': 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)'}
+ 
+-        sock = urllib.request.urlopen(req, timeout=10)
+-        data = sock.read().decode('utf-8')
+-        safe_dom = re.escape(dom)
+-        results.extend(re.findall(r'([a-zA-Z0-9\-.]+' + safe_dom + ')/?', data))
+-        sock.close()
+-        time.sleep(5)
++    with httpx.Client(headers=headers) as client:
++        for n in searches:
++            url = 'https://www.bing.com/search?q=domain%3A' + dom + '&qs=n&first=' + n
++            response = client.get(url, timeout=10.0)
++            data = response.text
++            safe_dom = re.escape(dom)
++            results.extend(re.findall(r'([a-zA-Z0-9\-.]+' + safe_dom + ')/?', data))
++            time.sleep(5)
+ 
+     return unique(results)
+ 
+diff --git a/dnsrecon/lib/yandexenum.py b/dnsrecon/lib/yandexenum.py
+index d463544..4607b3b 100644
+--- a/dnsrecon/lib/yandexenum.py
++++ b/dnsrecon/lib/yandexenum.py
+@@ -17,18 +17,11 @@
+ 
+ import re
+ import time
+-import urllib
+-import urllib.request
+ 
++import httpx
+ from loguru import logger
+ 
+ __name__ = 'yandexenum'
+-url_opener = urllib.request.FancyURLopener
+-
+-
+-class AppURLopener(url_opener):
+-    version = """Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
+-                     (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"""
+ 
+ 
+ def scrape_yandex(dom):
+@@ -37,25 +30,33 @@ def scrape_yandex(dom):
+     """
+     results = []
+     searches = ['1', '2', '3', '4', '5', '10', '20', '30']
+-    urllib._urlopener = AppURLopener()
+ 
+-    for _ in searches:
+-        url = 'https://yandex.com/search/?text=site%3A' + dom
+-        try:
+-            sock = urllib.request.urlopen(url, timeout=10)
+-            data = sock.read().decode('utf-8')
+-            sock.close()
+-        except Exception as e:
+-            logger.error(e)
+-            return []
++    headers = {
++        'User-Agent': (
++            'Mozilla/5.0 (Windows NT 10.0; Win64; x64) '
++            'AppleWebKit/537.36 (KHTML, like Gecko) '
++            'Chrome/42.0.2311.135 Safari/537.36 Edge/12.246'
++        )
++    }
++
++    with httpx.Client(headers=headers) as client:
++        for _ in searches:
++            url = 'https://yandex.com/search/?text=site%3A' + dom
++            try:
++                response = client.get(url, timeout=10.0)
++                data = response.text
++            except Exception as e:
++                logger.error(e)
++                return []
+ 
+-        if re.search('enter_captcha_value', data):
+-            logger.error("Yandex has detected the search as 'bot activity, stopping search...")
+-            return unique(results)
++            if re.search('enter_captcha_value', data):
++                logger.error("Yandex has detected the search as 'bot activity, stopping search...")
++                return unique(results)
+ 
+-        results.extend(re.findall(r'([a-zA-Z0-9\-\.]+' + dom + ')/?', data))
++            safe_dom = re.escape(dom)
++            results.extend(re.findall(r'([a-zA-Z0-9\-\.]+' + safe_dom + ')/?', data))
+ 
+-        time.sleep(10)
++            time.sleep(10)
+ 
+     return unique(results)
+ 
+-- 
+2.47.3
+
diff -Nru dnsrecon-1.3.1/debian/patches/series dnsrecon-1.3.1/debian/patches/series
--- dnsrecon-1.3.1/debian/patches/series	1970-01-01 02:00:00.000000000 +0200
+++ dnsrecon-1.3.1/debian/patches/series	2026-07-05 17:05:02.000000000 +0300
@@ -0,0 +1,2 @@
+0001-Potential-fix-for-code-scanning-alert-no.-21-Regular.patch
+0002-fix-432.patch

Reply via email to