This report is not properly formatted yet, i'll do that tomorrow, sending like this just so i can send it before Monday (my reports deadline is on Sundays). I started doing a more verbose report but i ended up without having time to organize it in topics and importance, I'm sorry for that.
Expect a proper categorized report in the next 24 hours. * update the team's wiki page to mention http://deb.li/pkgseckali [ https://wiki.debian.org/Teams/pkg-security] * fill a improvement request on weevely for manpage/better help output [ https://github.com/epinna/weevely3/issues/84] * report a problem with tagpending salsa integration explained on the team's wiki, the steps are not working * report broken link at https://wiki.debian.org/JavaPackagingFAQ * send email on ruby team's list to check status of package ruby-progressbar (dep of wpscan), the required version o the package is on salsa but failing some tests. * update the kali-packages-checker script to output the Section of the package (so we know if the package is not on main already) * update the script's output ods file and gdocs spreadsheet * add two fields on the spreadsheet: - MANUAL NOTES: notes about the package that didn't got catch by the script - samueloph's conclusion: my thoughts about the packaging (TODO, WIP,WONT). Other people may add their conclusion's there too * discovered that lintian would probably benefit from a check for windows binaries shipped on the package, mimikatz only ships windows pre-compiled binaries and the only check which would get that is: "source-contains-prebuilt-windows-binary", there should be a lintian "Error" tag there, probably. Still have to discuss that further with my mentors. * talked with users/developers about which tools they would like to see on debian and got a list of 6 packages: - weevely: already on salsa, finishing manpage, opened an issue asking for manpage or better help output [https://github.com/epinna/weevely3/issues/84] - wpscan: needs ruby-progressbar (>=1.6.0), which is being packaged on salsa. The wpscan package is almost ready. - findmyhash: found out we should wait for the ng fork to be released (hash-tool.py) [more info on their guthub page]. - zaproxy: lots of java libs bundled, need to confirm with mentors next steps. - dirbuster: integrated into zaproxy now, focus on that package instead. - beef-xss: needs to package some rubygems, but first it needs some tests. Kali used to "proper" package beef-xss but the amount of regressions lead them to change to a bundled package. Week 1: https://lists.debian.org/debian-outreach/2018/05/msg00025.html Week 2: https://lists.debian.org/debian-outreach/2018/05/msg00066.html Week 3: https://lists.debian.org/debian-outreach/2018/06/msg00018.html -- Samuel Henrique <samueloph>
