[Renaud: please scroll down] On Sun, May 30, 1999 at 10:53:30PM +0200, Javier Fernandez-Sanguino Pen~a wrote: > > > A program I'm currently thinking of packaging (nessus, a network > > > administration tool similar to SATAN) > > > > You shouldn't :) Javier Pena and me are already interested in it, > > and we almost have the package ready. It is possible that Javier's > > package is already accepted in the archive by now... > > Well, as a matter of fact is Javier Fernandez-Sanguino Peña :) And
I'm sorry. > yes, nessus is sitting in Incoming, waiting to be accepted, you can get a > copy from > http://www.dat.etsit.upm.es/~jfs/debian/nessus > Try it if you will. I also noticed one problem - if this package gets accepted, you will have to use epochs for naming the next version, which is alpha2-fix4. I propose that we move these files of Incoming, and that you upload the new version, 0.0.alpha2-fix4. That way there will be no problem in the future (for example, with version 0.5 or 1.0 etc). > > > So my question is, should I provide a non-crypto enabled version, and > > > if so, do I need to have seperate source packages? > > > > Two sources are definitely needed, however, I don't know whether we > > actually need to change the US one to exclude anything crypto related. > > I'm CC:ing also our -legal team, which should know what to do. > > Im not sure about that, US law will nowt allow distribution of > strong criptography, but nessus, as far as I know does not use *strong* > criptography, but someone should check the sources. ¿anyone? I have asked the author, but he didn't say anything. I'm CC:ing him now so he can tell us for sure. > If it does use 128 bit criptography it should have tow sources, > the version I packaged, however (990201) currently does not provide two > packages ,anyone can help? It shouldn't be so hard task, if the source can be left unchanged, than it's only a slight change in debian/control file. -- enJoy -*/\*- http://jagor.srce.hr/~jrodin/
