[openvas-discuss] OpenVAS DevCon 1 write up
neilm at openvas.org
Wed Apr 5 20:50:13 CEST 2006
On Wed, Apr 05, 2006 at 08:13:05PM +0200, Javier Fernández-Sanguino Peña wrote:
> - it's not GNU/Debian. The Project is called 'Debian' the OS is called
> 'Debian GNU/Linux' (or 'Debian GNU/Hurd' or 'Debian GNU/kBSD' depending on
> the kernel).
My mistake for not catching that one, updated.
> - if there are bug fixes in the code from OpenVAS (not name changes) I would
> appreciate if they were published as separate patchsets and properly
> labeled to decide if they could be submitted upstream (to Nessus bugzilla)
> and added to the Nessus packages in Debian too.
> If there are Debian-specific bugs they should be sent to the Debian BTS
Don't worry, this'll happen. I hate it when upstream releases random
tarballs, especially for security issues.
> - you mention you are based on the 2.2.5 codebase, Debian currently ships
> 2.2.7 + patches so it would read that you are not tracking Debian's
> unstable packages
> - ditto for the plugins, I've made significant changes to the 2.2.7 set of
> (GPL) plugins and nobody here seems to be tracking those either
> Those look like they have been merged in the CVS, however.
This is wrong on the wiki. I synced the -plugins package and am
preparing the patch for -core at the moment. We'll be tracking the
Debian packages and using them as 'our upstream' until it gets to a
state when the codebase starts to diverge. Again, updated in the wiki.
> - I'd rather have OpenVAS use libnasl (or nessus-libraries for that matter)
> than change that too just for naming reasons. That way (in Debian) there
> wouldn't be that much replicated code
That's the plan. It'll avoid extra work on all our parts :)
> - Marc Haber offered (in private) a while back (November last year) to
> produce packages for OpenVAS. Maybe it's worth contacting him to get
> OpenVAS packages in unstable as soon as there is a release.
Brill, thanks! I'm happy to co-maintain this too. How about a maintaince
team (as this seems to be the current hot topic on -devel etc)?
A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?
gpg key - http://www.halon.org.uk/pubkey.txt ; the.earth.li B345BDD3
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 191 bytes
Desc: Digital signature
More information about the Openvas-discuss