Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

False packet loss when using shared libpcap from Ubuntu 14.04 #34

Open
nnposter opened this issue Dec 31, 2014 · 15 comments
Open

False packet loss when using shared libpcap from Ubuntu 14.04 #34

nnposter opened this issue Dec 31, 2014 · 15 comments

Comments

@nnposter
Copy link

@nnposter nnposter commented Dec 31, 2014

Nmap compiled on Ubuntu 14.04 with the shared instance of libpcap is reporting lost packets, which in turn significantly impacts performance and quality of results. However, simultaneously running Wireshark on the same host does see them. The same issue is not experienced when compiled with the included instance of libpcap.

Details are available at http://seclists.org/nmap-dev/2014/q2/538

Possibly related:
http://seclists.org/nmap-dev/2014/q2/548
http://seclists.org/nmap-dev/2014/q2/341

@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Jan 12, 2015

Confirmed on Ubuntu 14.04 on VirtualBox with NAT adapter. Dynamic-linked with system libpcap sends about 2x as many packets and takes 4 times as long.

@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Jan 12, 2015

Regarding the 2x as many packets: A dropped probe results in an increased number of retries. Since most ports are closed, this means most ports will get an extra retry. I'm seeing anywhere between 1 and 3 extra retries for the system-libpcap, which if the default is 1 retry, means between 1.5 and 2.5 times as many packets sent. Still no clue as to why it's happening, though.

@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Jan 13, 2015

Ok, I'm not sure why packets are being dropped: maybe that's a bug on our end. But I do see a solid reproducible difference between the two libpcaps in terms of time taken to get one packet. Command to reproduce: nmap -n -Pn -p 80 -d --packet-trace scanme.nmap.org. This sends exactly 1 SYN packet, receives exactly 1 SYNACK, and then the OS sends a RST (assuming no real network problems).

Within readip_pcap, we call pcap_select (from libnetutil) to wait for a pcap fd to be available for reading. With our included libpcap, select returns almost immediately, since a packet is available on the pcap fd. With the system libpcap, it waits the entire timeout (1 second for the first packet at least) before returning. The receive time on the packet is the same, so there's no difference in how fast the packet is processed; the select call is the only thing delaying things.

I don't know if this is related, but just above the pcap_select call in readip_pcap, we try to do a non-blocking read by doing pcap_setnonblock followed by pcap_next. But the man page for pcap_setnonblock says that pcap_next "will not work in non-blocking mode." It looks like we should be able to eliminate that whole code block, but I don't think it will affect this issue.

berdario pushed a commit to berdario/dotfiles that referenced this issue Apr 11, 2015
@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Apr 27, 2015

Ok, I've got good news and bad news, but I'm not sure which is which.

First, the difference between our included libpcap 1.5.3 and the system one is the result of a bug in our version. We introduced a configure option to turn off packet ring capture support for some 2.6 kernels that can't produce a good 32-bit binary. This is implemented as a preprocessor macro, PCAP_SUPPORT_PACKET_RING, but we forgot to put it into libpcap/configure.h.in so effectively this support is always turned off with the included libpcap. If I "fix" this problem, then we get the packet loss events with both included and system libpcaps.

Second, I believe the problem is related to this libpcap issue: the-tcpdump-group/libpcap#335. Note: related, but not identical. The "fix" for that issue is already in libpcap 1.5.3, so we have it. There's a couple related changes to the Linux kernel this year that address the deficiency (one linked from this one: torvalds/linux@41a50d621)

@dmiller-nmap dmiller-nmap added this to the Release codename Auxesis milestone Apr 29, 2015
@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented May 21, 2015

A few final notes on this issue:

  • The most relevant bug report on libpcap for this issue is the-tcpdump-group/libpcap#380. The suggested workaround there is using a very short timeout on select(). I can confirm that this works to avoid packet loss if we add a short-timeout select before the primary one in readip_pcap, but I can't figure out how to make this a general solution that doesn't alter the timing too much or just become a busy wait. Example patch:
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -1710,6 +1710,9 @@ char *readip_pcap(pcap_t *pd, unsigned int *len, long to_usec,

     if (p == NULL) {
       /* Nonblocking pcap_next didn't get anything. */
+      if (to_usec < 200000 && pcap_select(pd, to_usec) > 0)
+        p = (char *) pcap_next(pd, &head);
+      else
       if (pcap_select(pd, to_usec) == 0)
         timedout = 1;
       else
  • As noted in that libpcap issue, the underlying problem is a bug in Linux TPACKET_V3 mmapped packet capture. This bug was fixed in Linux 3.19, and I can confirm that Nmap has no further issues on Linux 4.0. Please file bug reports with your distros to backport the patch if possible: torvalds/linux@da413ee
  • As a workaround, you can configure Nmap --disable-packet-ring --with-libpcap=included (an option that is passed along to libpcap's configure script). This disables the packet ring mmapped packet capture, which could slow down Nmap in very-high-packet-rate cases, but will be far less troublesome than this particular bug. Alternatively, you could try to muck around in libpcap/pcap-linux.c to try to downgrade to TPACKET_V2 which does not have this problem, but I have not tried that.

Given that we have these workarounds, and the bug is demonstrated to be in the Linux kernel code, not in Nmap or libpcap, I am removing the release milestone. I will leave the bug open until either several major distros backport the kernel fix or we find a suitable workaround.

@dmiller-nmap dmiller-nmap removed this from the Release codename Auxesis milestone May 21, 2015
@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented May 21, 2015

@nnposter
Copy link
Author

@nnposter nnposter commented Jul 7, 2015

FWIW I have experimented with downgrading to TPACKET_V2, instead of disabling the packet ring. The downgrade does rectify the issue but in my light testing I have not noticed any material performance advantages.

Here is the corresponding patch if anybody cares for it.

--- a/libpcap/pcap-linux.c
+++ b/libpcap/pcap-linux.c
@@ -188,6 +188,8 @@
 # endif /* PACKET_HOST */


+# undef TPACKET3_HDRLEN
+
  /* check for memory mapped access avaibility. We assume every needed
   * struct is defined if the macro TPACKET_HDRLEN is defined, because it
   * uses many ring related structs and macros */

@pr0letariat
Copy link

@pr0letariat pr0letariat commented Nov 23, 2015

Is this fixed in Nmap 7?

@mpontillo
Copy link

@mpontillo mpontillo commented Sep 14, 2016

Cross-posting here from the related Launchpad issue. Inspired by the flow-disruptor workaround, I did a proof-of-concept nmap workaround as follows:

$ svn diff libnetutil/netutil.cc
Index: libnetutil/netutil.cc
===================================================================
--- libnetutil/netutil.cc   (revision 36280)
+++ libnetutil/netutil.cc   (working copy)
@@ -4073,7 +4073,8 @@
   Strncpy(pcapdev, device, sizeof(pcapdev));
 #endif
   do {
-    pt = pcap_open_live(pcapdev, snaplen, promisc, to_ms, err0r);
+    //pt = pcap_open_live(pcapdev, snaplen, promisc, to_ms, err0r);
+    pt = pcap_create(pcapdev, err0r);
     if (!pt) {
       failed++;
       if (failed >= 3) {
@@ -4084,6 +4085,11 @@
       sleep( compute_sleep_time(failed) );
     }
   } while (!pt);
+  pcap_set_promisc(pt, promisc);
+  pcap_set_timeout(pt, to_ms);
+  pcap_set_snaplen(pt, snaplen);
+  pcap_set_immediate_mode(pt, 1);
+  pcap_activate(pt);

 #ifdef WIN32
   if (wait == WAIT_ABANDONED || wait == WAIT_OBJECT_0) {

Obviously, this is nowhere near production-ready code, but I wanted to convince myself that the pcap_set_immediate_mode() workaround could work in nmap as well.

This caused the scan of a single host (using an Ubuntu 16.04 "Xenial" host running kernel 4.4.0) to go from taking ~45 seconds to ~5 seconds.

For the record, the test case I used was: sudo time ./nmap -sS -vv <host>.

@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Sep 14, 2016

@pontillo Thanks for notifying us! I'd like to play around with immediate mode a bit more to see how it could best work for us, but for now I'd settle for reproducing the original bug on a >3.19 kernel or at least fully describing and isolating it. Can you provide the output of nmap --version and uname -a for the setup that causes 45-second scans? Thanks!

@mpontillo
Copy link

@mpontillo mpontillo commented Sep 15, 2016

Sure; below are some additional details.

First, here is my uname -a:

Linux xenial 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:01:55 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

I tested with both the current version of nmap in Ubuntu 16.04, and a version I built from source (using the nmap-7.10 branch in Subversion).

The version packaged with Ubuntu (which, after running apt-get source nmap and checking debian/rules, you can tell is compiled with --with-liblua --with-liblinear --enable-ipv6) is:

Nmap version 7.01 ( https://nmap.org )
Platform: x86_64-pc-linux-gnu
Compiled with: liblua-5.2.4 openssl-1.0.2g libpcre-8.38 libpcap-1.7.4 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

With that version, I first saw the symptom: long scan times, and messages like the following printed to the console:

Increasing send delay for 192.168.0.9 from 0 to 5 due to 92 out of 306 dropped probes since last increase.
...
Nmap done: 1 IP address (1 host up) scanned in 45.53 seconds
           Raw packets sent: 2754 (121.160KB) | Rcvd: 1266 (50.652KB)
0.08user 0.08system 0:45.55elapsed 0%CPU (0avgtext+0avgdata 14852maxresident)k
1336inputs+0outputs (0major+1982minor)pagefaults 0swaps

I saw the same issue in the nmap-7.10 branch when I compiled from source. Then I compiled with the workaround I posted, (with no ./configure arguments, so it would use the shared library version of libpcap) as follows:

Nmap version 7.12 ( https://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: nmap-liblua-5.2.4 openssl-1.0.2g libpcre-8.38 libpcap-1.7.4 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

The output from this version was normal, such as:

Nmap done: 1 IP address (1 host up) scanned in 5.99 seconds
           Raw packets sent: 1339 (58.900KB) | Rcvd: 1001 (40.052KB)
0.05user 0.02system 0:06.02elapsed 1%CPU (0avgtext+0avgdata 14472maxresident)k
2696inputs+0outputs (1major+1951minor)pagefaults 0swaps

@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Jul 17, 2018

I am in the process of updating the included libpcap to 1.8.1. I am going to optimistically remove our "disable TPACKET_V3" workaround and see how things go. I think it's important to record here the comment that @guyharris left on the-tcpdup-group/libpcap#380:

Linux kernel bug, about which there's not much we can do. If you're not using non-blocking mode and select()/poll()/epoll(), we work around it, as best we can, with a short poll() timeout inside libpcap. If you are using non-blocking mode and select()/poll()/epoll(), you have to work around it by making sure you have a short timeout in the select()/poll()/epoll(), at least on kernels with the bug, and, if the timer expires, call pcap_dispatch(). (With a high packet arrival rate, when blocking mode is used, TPACKET_V3 drops fewer packets than TPACKET_V2, so "don't use TPACKET_V3 on pre-3.19 kernels" isn't the right answer.)

@djcater
Copy link

@djcater djcater commented Aug 2, 2018

I am going to optimistically remove our "disable TPACKET_V3" workaround and see how things go

@dmiller-nmap I tested Nmap 7.70SVN from a few days ago, which included the upgraded libpcap (built with --with-libpcap=included), and unfortunately I can still reproduce the false packet drops.

I have some further analysis which I can add later, but essentially on Ubuntu 18.04 with kernel 4.15, Nmap thinks there are packet drops (whereas Wireshark confirms that there are not). E.g. in Wireshark I can see the RST response to a SYN port probe come back almost immediately, but Nmap doesn't see it according to the debug output, and so it sends another probe. In the Nmap debug output for one closed port it looks something like:

-> S
(Wait)
-> S
<- RA
Ultrascan DROPPED probe packet to ... detected
Increased max_successful tryno for ... to 1 (packet drop)
<- RA

But in Wireshark it shows up as:

-> S
<- RA
(Wait)
-> S
<- RA

I confirmed that the # undef TPACKET3_HDRLEN fix in Nmap's libpcap fixed it.

I also confirmed that building with --disable-packet-ring fixed it.

I also confirmed that the pcap_set_immediate_mode patch fixed it.

So out of the 3 possible fixes, I've stuck with the 3rd one for now, because that fixes the issue regardless of whether the system libpcap is used or if Nmap's libpcap is used. And as Nmap relies on precise timing information for its scanning, it seems logical to me to use immediate mode. I think that's important because at the moment I can reproduce the issue with the Nmap 7.60 shipped with Ubuntu 18.04, as they are building with the system libpcap (1.8.1) to avoid have multiple copies of the same library. Kali appears to build with Nmap's libpcap included, so doesn't have this problem due to the in-tree # undef patch. So without fixing it outside of libpcap (e.g. in libnetutil), people using the default Nmap from Ubuntu (and perhaps other distributions) are always going to have this problem, slowing down their scans for no reason.

I can reproduce this reliably, so please let me know if there's anything you want me to test.

TL;DR: You still need to make some form of change to avoid this problem, even with libpcap 1.8.1 and a modern kernel such as 4.15.

@guyharris
Copy link

@guyharris guyharris commented Aug 2, 2018

And as Nmap relies on precise timing information for its scanning, it seems logical to me to use immediate mode.

If you're developing an application that's passively sniffing for packets, and do not care whether you see packets as soon as they arrive, but are willing to wait in order to get multiple packets per wakeup (causing fewer kernel <-> user transitions), then your application shouldn't use immediate mode.

If, however, you're developing an application that does want to see packets as soon as they arrive, and are willing to put up with more wakeups, then your application should use immediate mode.

So, if nmap is in the latter category, it should use immediate mode if it's available:

  • if libpcap has pcap_set_immediate_mode(), then it also has pcap_create() and pcap_activate(), so it should call pcap_create(), call pcap_set_immediate_mode() on the resulting pcap_t, set whatever other attributes are appropriate (note that it will not need to set the timeout, as that doesn't apply in immediate mode), and then call pcap_activate();

  • otherwise, set the timeout to a very low non-zero value, and, on platforms with BPF where BIOCIMMEDIATE is defined by <net/bpf.h>, do a BIOCIMMEDIATE ioctl on the result of pcap_fileno() on the pcap_t.

djcater added a commit to djcater/nmap that referenced this issue Aug 2, 2018
This avoids false packet drops caused by libpcap buffering packets before returning them, making Nmap think that there is no response within its expected round trip timeout, leading to additional probes sent as retries. When the buffered packets then are returned, Nmap assumes that there were packet drops, due to getting responses "after" its retry probes, but not from the first probe (in reality, no packets were lost).

This is based on code seen in here: nmap#34 (comment)

It's just a quick patch to show the change. It doesn't implement error checking on pcap_activate, and doesn't check to see if pcap_set_immediate_mode is supported in the case of OS-provided libpcap.
djcater added a commit to djcater/nmap that referenced this issue Aug 2, 2018
WIP for nmap#34.

This avoids false packet drops caused by libpcap buffering packets before returning them, making Nmap think that there is no response within its expected round trip timeout, leading to additional probes sent as retries. When the buffered packets then are returned, Nmap assumes that there were packet drops, due to getting responses "after" its retry probes, but not from the first probe (in reality, no packets were lost).

This is based on code seen in here: nmap#34 (comment)

It's just a quick patch to show the change. It doesn't implement error checking on pcap_activate, and doesn't check to see if pcap_set_immediate_mode is supported in the case of OS-provided libpcap.
@djcater
Copy link

@djcater djcater commented Aug 2, 2018

Thanks for the detailed information @guyharris. I've converted @mpontillo's comment into a pull request (#1291) just to make it easier to visualise.

It doesn't check for errors calling pcap_activate and it doesn't check if immediate mode is supported.

It looks like for libpcap you added support for immediate mode in 2013 to version 1.5.0-PRE-GIT: the-tcpdump-group/libpcap@48bc6c3

PalinuroSec pushed a commit to ParrotSec/nmap that referenced this issue May 2, 2022
nmap (7.91+dfsg1-1kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.91+dfsg1-1) unstable; urgency=medium
.
  * New upstream version 7.91+dfsg1
  * Update patches; add patch to fix automake breakage
.
nmap (7.80+dfsg1-5kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.80+dfsg1-5) unstable; urgency=medium
.
  * Make nmap_service.ex_ reproducible, thanks to Chris Lamb for the patch
    (Closes: #964369)
.
nmap (7.80+dfsg1-4) unstable; urgency=medium
.
  * Revert "Enable running all tests" as this caused network activity and
    FTBFS on some autobuilders.
.
nmap (7.80+dfsg1-3) unstable; urgency=medium
.
  [ Hilko Bengen ]
  * Enable running all tests
  * Ship obfuscated nmap_service.ex_ instead of nmap_service.exe (Closes:
    #929272)
.
  [ Samuel Henrique ]
  * Configure git-buildpackage for Debian
  * d/control: Add Rules-Requires-Root: no
  * Bump DH to 13
  * d/p/upstream/signing-key.asc: Remove extra signature
  * Bump Standards Version to 4.5.0
.
  [ Automatic changes ]
  * Trim trailing whitespace.
  * Wrap long lines in changelog entries: 6.25-0.2, 4.76-0ubuntu1.
  * Set debhelper-compat version in Build-Depends.
  * Fix field name typos in debian/copyright.
.
nmap (7.80+dfsg1-2kali2) kali-dev; urgency=medium
.
  * Refresh patch and import upstream patch to fix issue
.
nmap (7.80+dfsg1-2kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.80+dfsg1-2) unstable; urgency=medium
.
  [ Samuel Henrique ]
  * Add salsa-ci.yml
  * d/rules: Pass some hardening flags to nmap_service.exe
  * salsa-ci: Disable BLHC test
.
  [ Hilko Bengen ]
  * Drop zenmap package due to python2 and pygtk removal (Closes: #885498)
  * Use Python3 for ndiff, using Bryan Quigley's patch (PR #1807).
    Closes: #883161
.
nmap (7.80+dfsg1-1kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.80+dfsg1-1) unstable; urgency=medium
.
  * New upstream version 7.80+dfsg1 (Closes: #934728)
  * Disable check for upstream signatures which are apparently
    no longer published.
  * Bump Debhelper compat level
  * Replace dh_install --fail-missing
  * Bump Standards-Version
  * dh_missing
  * Rework patches
.
nmap (7.70+dfsg1-6kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.70+dfsg1-6) unstable; urgency=medium
.
  * Team upload
  * Drop 0004-library-versions.patch, it has been fixed differently
    by upstream, and it is now breaking Ubuntu builds.
.
nmap (7.70+dfsg1-5kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.70+dfsg1-5) unstable; urgency=medium
.
  * d/control: zenmap: move polkit from Depends to Recommends, note
    that the desktop entry of zenmap as root won't work without polkit
    (closes: #912452)
.
nmap (7.70+dfsg1-4) unstable; urgency=medium
.
  [ Samuel Henrique ]
  * Bump Standards-Version to 4.2.1
  * Update my email to @debian.org
  * d/p/0005: remove ncat's manpage self-reference (closes: #765999)
  * d/control: better ndiff extended description
  * lintian-overrides:
    - ndiff: add description lintian (as nmap and zenmap does)
    - nmap: add false positive lintians
    - nmap-common: add two overrides for READMEs
    - zenmap: add override for pkexec
.
  [ Christian Ehrhardt ]
  * Fix "zenmap as root" using polkit instead of menu
    (closes: #890728) (LP: #1263311)
.
nmap (7.70+dfsg1-3kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
.
nmap (7.70+dfsg1-3) unstable; urgency=medium
.
  * Make ncat Architecture: any
  * Fix ncat description
.
nmap (7.70+dfsg1-2) unstable; urgency=medium
.
  [ Samuel Henrique ]
  * Bump DH to 11
  * d/copyright: update debian/* entry
.
  [ Hilko Bengen ]
  * Ship ncat as separate package, provide nc alternative
    (Closes: #881639, #560377)
.
nmap (7.70+dfsg1-1) unstable; urgency=medium
.
  * Team upload.
.
  [ Lukas Schwaighofer ]
  * Leave embedded copy of libssh2 in the source package to ease packaging for
    Ubuntu (which requires the embedded copy).
    - Update debian/copyright with the libssh2 copyright details.
  * Update debian/rules to use the included libssh2 copy when builing for
    Ubuntu and its derivates.
.
  [ Samuel Henrique ]
  * d/[control|watch]: update upstream homepage to https
.
  [ Raphaël Hertzog ]
  * Update team maintainer address to Debian Security Tools
    <team+pkg-security@tracker.debian.org>
  * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
.
  [ Hilko Bengen ]
  * New upstream version 7.70+dfsg1
  * Bump Standards-Version
  * nmap: Suggest ndiff, instead of recommending it (Closes: #885871)
  * Update patches
.
nmap (7.70+dfsg1-0kali2) kali-dev; urgency=medium
.
  * Rebuild with Debian orig.tag.xz
.
nmap (7.70+dfsg1-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release. Keep libpcap embedded for Kali
  * Remove merged patches: 0004-library-versions.patch 0005-autotools.patch
    0006-move-manual-defines.patch
  * Update debian/copyright
.
nmap (7.60+dfsg2-1kali1) kali-dev; urgency=medium
.
  * Synchronize with Debian: reintroduce libpcap included for Kali
    (see bug 4226)
.
nmap (7.60+dfsg2-1) unstable; urgency=medium
.
  * Repack source: Remove *.class files
  * Include *.class (for jdwp-exec.nse), nmap_service.exe (for
    smb-psexec.nse), built from source
.
nmap (7.60+dfsg1-2) unstable; urgency=low
.
  * Team upload.
  * Add new patch (0006-move-manual-defines.patch) which moves manually added
    defines from config.h.in (where they are overwritten by dh-autoreconf) to
    a proper location.  Fixes FTBFS on kfreebsd-any architectures.
.
nmap (7.60+dfsg1-1) unstable; urgency=low
.
  * Team upload.
  * Repack source:
    - Remove non-DFSG compliant files.
    - Remove unused libraries.
    - Update debian/watch.
  * debian/watch:
    - Correct syntax error.
    - Check upstream's pgp signatures.
  * Override lintian warnings:
    - Description synopsis starting with "The Network Mapper" is ok.
    - Windows devel files will be kept until upstream drops them.
  * Put architecture independent files into new nmap-common package (marked as
    Multi-Arch: foreign).
  * debian/control:
    - Change priority from extra (deprecated) to optional.
    - Bump Standards-Version to 4.1.0.
    - Add new suggestion: nmap suggests zenmap, the graphical frontend.
    - Zenmap needs ndiff, add the missing dependency.
    - Use Breaks (instead of Conflicts) for znmap's versioned dependency on
      nmap as this weaker restriction is sufficient.
    - Clean up versioned python2 dependencies (there's only 2.7 now).
    - Move python-pysqlite2 to Recommends as zenmap works without it (but
      loses useful features like searching and database saving).
    - No longer Recommend gksu as the `su-to-root` script is not part of that
      package.
  * debian/patches:
    - Added new patch (0004-library-versions.patch) so nmap reports correct
      library versions.
    - Add new patch (0005-autotools.patch) to fix autotools problems and
      allow refreshing all autotools generated files with `autoreconf -fi`.
  * debian/rules:
    - Drop --with=autoreconf, this is the default in debhelper compatibility
      level 10.
    - Add STRIP=/bin/true to dh_auto_configure to generate useful dbgsym
      packages.
    - Update the dh-autoreconf call so all autotools geneated files used
      in the build are refreshed.
  * Migrate debian/copyright to machine readable DEP-5 format.
.
nmap (7.60-1) unstable; urgency=medium
.
  * New upstream version 7.60
  * Rebase patches
  * Add libssh2 build-dependency to avoid using the embedded copy
.
nmap (7.50-1) unstable; urgency=medium
.
  * New upstream version 7.50.
  * Bump Standards-Version to 4.0.0.
  * Remove unused lintian overrides.
.
nmap (7.40-1kali1) kali-dev; urgency=medium
.
  * Synchronize with Debian: keep libpcap included for Kali
.
nmap (7.40-1) unstable; urgency=medium
.
  * New upstream version 7.40.
  * debian/patches:
    - 0001-use-su-to-root.patch: Refresh patch.
    - 0004-zenmap-desktop.patch: Remove patch, applied upstream.
  * debian/watch: Bump to v4.
.
nmap (7.31-2kali1) kali-dev; urgency=medium
.
  * Synchronize with Debian: keep libpcap included for Kali
.
nmap (7.31-2) unstable; urgency=medium
.
  [ Gianfranco Costamagna ]
  * Add debian/gbp.conf file
.
  [ Samuel Henrique ]
  * Bump DH level to 10.
  * Add myself as an uploader.
  * debian/control: Remove dh-autoreconf, now a dependency of DH 10.
  * debian/patches:
    - 0004-zenmap-desktop.patch: New patch to remove Encoding key and add
      Keywords entry for zenmap's desktop files, sent upstream.
  * debian/rules:
    - Avoid useless dependencies with "-Wl,--as-needed".
    - Enable all hardening flags with "hardening=+all".
    - Remove "--parallel" parameter, default on DH 10.
  * wrap-and-sort -a.
.
  [ Hilko Bengen ]
  * Add manpage links for zenmap links (nmapfe, nmap)
.
nmap (7.31-1kali1) kali-dev; urgency=medium
.
  * Synchronize with Debian: keep libpcap included for Kali
.
nmap (7.31-1) unstable; urgency=medium
.
  * New upstream version 7.31
.
nmap (7.31-0kali3) kali-experimental; urgency=medium
.
  * Reintroduce build with libpcacp included
.
nmap (7.31-0kali2) kali-dev; urgency=medium
.
  * Drop debian/rules with libpcap included
.
nmap (7.31-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Keep the debian/rules with libpcap included for kali
.
nmap (7.30-1) unstable; urgency=medium
.
  * New upstream version 7.30
  * Rework patches
  * Update build-dependencies, bump Standards-Version
  * Further work will be done as part of the Debian Security Tools
    Packaging Team.
.
nmap (7.30-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Remove 0004-Fix-INTERFACES-NONE-FOUND-for-real.patch: merged in new
    upstream release
.
nmap (7.25~BETA2-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Lua 5.3 is now needed to build the NSE
.
nmap (7.25~BETA1-0kali1) kali-dev; urgency=medium
.
  * Import new usptream release
  * Keep the debian/rules with libpcap included for kali
.
nmap (7.12-2) unstable; urgency=medium
.
  * Update python-gobject dependency
  * Use upstream patch to fix #821913 (Closes: #834546)
.
nmap (7.12-1) unstable; urgency=medium
.
  * New upstream version
  * Bump Standards-Version
.
nmap (7.12-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Keep the debian/rules with libpcap included for kali
.
nmap (7.11-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
.
nmap (7.10-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Keep the debian/rules with libpcap included for kali
  * Drop fix-undefined-reference.patch (included upstream)
.
nmap (7.01-3) unstable; urgency=medium
.
  * Apply patch by Jan Nordholz to ignore unenumerable interfaces
    (Closes: #821913)
.
nmap (7.01-2) unstable; urgency=medium
.
  * Remove unneeded build-dependencies; add dh-python
  * Simplify install
  * Add Lintian overrides for python-script-but-no-python-dep
.
nmap (7.01-1) unstable; urgency=medium
.
  * New upstream version
.
nmap (7.01-0kali1) kali-dev; urgency=medium
.
  * New upstream release
.
nmap (7.00-1kali1) kali-dev; urgency=medium
.
  * Import from debian
  * Drop unused files: debian/nmap.dirs, debian/nmap.files, debian/pycompat,
    debian/source/options, debian/zenmap.dirs, debian/zenmap.files,
    debian/zenmap.manpages, debian/zenmap.postinst, debian/zenmap.prerm
  * keep the debian/rules with libpcap included for kali
.
nmap (7.00-1) unstable; urgency=medium
.
  * New upstream version
  * Drop patches that are no longer needed
  * Don't install any uninstall_* scripts
  * Link nmap against lua-lpeg
.
nmap (7.00-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
.
nmap (6.49~BETA6-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
.
nmap (6.49~BETA5-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release (closes kali bug:0002680)
  * debian/rules: dh_auto_configure -- --with-libpcap=included. It can be
    dropped when nmap/nmap#34 or
    nmap/nmap#153 are fixed
  * Add a patch to build with liblua5.2-dev new version 5.2.4-1
.
nmap (6.49~BETA4-0kali1) kali-dev; urgency=medium
.
  * Import new upstream release
  * Drop patches 0003-Updated-German-translation-of-zenmap.patch and
    0004-Fail-early-when-unable-to-properly-resolve-proxy-nam.patch as they
    have been integrated upstream
  * debian/rules: drop all uninstall files after auto_install
.
nmap (6.47-7) unstable; urgency=medium
.
  * Replaced versioned Conflicts with Breaks/Replaces (Closes: #789897).
    Thanks to Michael Biebl for pointing this out.
.
nmap (6.47-6) unstable; urgency=medium
.
  * ndiff: Added versioned Conflicts (Closes: #789897)
.
nmap (6.47-5) unstable; urgency=medium
.
  * Added option to debian/watch to recognize beta, test tags
  * Moved ndiff.py to ndiff (Closes: #789776)
.
nmap (6.47-4) unstable; urgency=medium
.
  * Updated Vcs-* links, added Homepage field
  * Added upstream patch to deal with unuseable socks proxy (Closes:
    #773817)
.
nmap (6.47-3) unstable; urgency=medium
.
  * Updated German translation of zenmap, thanks to Chris Leick (Closes:
    #764653)
  * Bumped Standards-Version
.
nmap (6.47-2) unstable; urgency=medium
.
  * Added updated German zenmap translation (Closes: #687982)
.
nmap (6.47-1kali1) kali; urgency=low
.
  * Upstream update
.
nmap (6.47-1) unstable; urgency=medium
.
  * New upstream version
.
nmap (6.46-3) unstable; urgency=medium
.
  * Use autotools-dev to work around broken upstream autofoo. Thanks to
    Matthias Klose. Closes: #757456
.
nmap (6.46-2) unstable; urgency=medium
.
  * Removed obsolete debian/pycompat file
  * Fixed typo in package description (Closes: #748629)
  * Updated Vcs-* fields
  * Use Debian's ca-certificates instead of ca-bundle.crt provided in
    upstream tarball (Closes: #748958)
.
nmap (6.46-1kali1) kali; urgency=low
.
  * Upstream import
.
nmap (6.46-1) unstable; urgency=medium
.
  * New upstream version
  * Adopted the package with previous maintainer's blessing.
  * Updated watch file
  * Switched to source format 3.0 (quilt)
  * Split off ndiff into its own package (Closes: #691774)
  * No longer suppress pcap compatibility check
.
nmap (6.45-0kali1) kali; urgency=low
.
  * Upstream update
.
nmap (6.40-1kali3) kali; urgency=low
.
  * Bump version, rebuild against newer openssl libs
.
nmap (6.40-1kali2) kali; urgency=low
.
  * Update package to use same .orig.tar.gz than Debian.
.
nmap (6.40-1kali1) kali; urgency=low
.
  * Upstream nmap import
.
nmap (6.40-0.2) unstable; urgency=low
.
  * Yet another non-maintainer upload.
  * Modernize Debian build
    - Use Debhelper 9, with --parallel
    - Use dh-autoreconf (Closes: #727283)
    - Bump Standards-Version
    - Update git URL
.
nmap (6.40-0.1) unstable; urgency=low
.
  * Non-maintainer upload.
  * New upstream version
    - Contains fix for CVE-2013-4885 (Closes:  #719289)
.
nmap (6.25-1kali3) kali; urgency=low
.
  * Version bump test
.
nmap (6.25-1kali2) kali; urgency=low
.
  * Version bump
.
nmap (6.25-1kali1) kali; urgency=low
.
  * Removed desktop entries
.
nmap (6.25-1kali0) kali; urgency=low
.
  * Update to 6.25
.
nmap (6.25-0.2) unstable; urgency=low
.
  * Non-maintainer upload.
  * debian/rules: Make sure zenmap is built again (tabs vs. spaces), other
    cleanups
.
nmap (6.25-0.1) unstable; urgency=low
.
  * Non-maintainer upload.
  * New upstream version (Closes: #705762)
  * Lua 5.2 is now needed to build the NSE
  * Use upstream's desktop files and icons
  * Removed calls to dh_desktop, dh_undocumented
  * Made zenmap Architecture: all since it does not contain any
    architectue-specific files
.
nmap (6.00-0.3) unstable; urgency=low
.
  * Non-maintainer upload.
  * Apply upstream fix for interfaces in monitor mode (Closes: #696446).
.
nmap (6.00-0.2kali1) kali; urgency=low
.
  * Version bump and desktop fixes
.
nmap (6.00-0.2) unstable; urgency=low
.
  * Non-maintainer upload.
  * Enable xz compression for all binaries to save some space on CD
    images (Closes: #688708).
.
nmap (6.00-0.1kali3) kali; urgency=low
.
  * Fixed desktop copy in rules file
.
nmap (6.00-0.1kali2) kali; urgency=low
.
  * Updating desktop files
.
nmap (6.00-0.1kali1) kali; urgency=low
.
  * Upload with no changes to rebuild in kali/wheezy environment with a
    version greater than what's in wheezy.
.
nmap (6.00-0kali1) kali; urgency=low
.
  * New upstream version.
  * Add a desktop file for nmap.
.
nmap (6.00-0.1) unstable; urgency=low
.
  * Non-maintainer upload
  * New upstream version (Closes: #674573)
  * set CFLAGS etc. via dpkg-buildflags. This enables building with
    hardening flags
  * Do not use included liblinear
.
nmap (5.51.6-0.3) unstable; urgency=low
.
  * Non-maintainer upload
  * Disable pcap compatibility check, second take. (Closes: #671064)
.
nmap (5.51.6-0.2) unstable; urgency=low
.
  * Non-maintainer upload
  * use DESTDIR instead of prefix for make install. This fixes the zenmap
    sys.path issue (#663217) as well as the path in the .desktop files.
    Closes: #542958
  * revert change to zenmap setup.py script
  * Got rid of country-specific part in the directory
  * Disable pcap compatibility check that caused the internal libpcap copy
    to be used on kfreebsd-* (Closes: #671064).
.
nmap (5.51.6-0.1kali1) kali; urgency=low
.
  * Synchronize with Debian. Remaining changes are:
    - Update the debian/*.desktop files to include the Kali categories.
    - Drop ncat/config.{guess,sub} since they are removed by the clean
      rule (avoids errors of git-buildpackage)
.
nmap (5.51.6-0.1) unstable; urgency=low
.
  * Non-maintainer upload
  * New upstream version (Closes: #630144)
  * Added watch file
  * Simplified debian/*.files, added translated manpages (Closes: #358336)
  * Added Python dependency for ndiff to nmap package
  * Removed empty postinst, prerm scripts
  * No longer append the build directory to zenmap's sys.path (Closes: #663217)
  * Use dh_python2 instead of dh_pycentral. Thanks to Arthur de Jong for
    the patch. Closes: #616917
.
nmap (5.21-1.1) unstable; urgency=low
.
  * Non-maintainer upload.
  * Apply patch from Ubuntu to fix FTBFS with openssl 1.0 by dropping md2
    support (closes: #621938).  Thanks, Dave Walker!
.
nmap (5.21-1) unstable; urgency=low
.
  [Jonathan Davies]
.
  * Deliver the rest of the nmap files.
.
  [LaMont Jones]
.
  * force ncat to use nmap copy of config.guess/sub
  * New upstream version.  Closes: #569894, #546564, #510158, #507867, #539244
  * Fixed packaging.  Closes: #584253
  * minor lintian fixes.
.
nmap (5.21-1~0) unstable; urgency=low
.
  * new upstream
.
nmap (5.51-0kali1) kali; urgency=low
.
  * New upstream release.
  * Update debian/name.files and debian/zenmap.files to install all the
    new files and drop references to removed files.
.
nmap (5.20-0) unstable; urgency=low
.
  * new upstream release
.
nmap (5.00-3) unstable; urgency=low
.
  [Petr Salinger]
.
  * fix FTBFS on GNU/kFreeBSD.  Closes: #542388
.
  [LaMont Jones]
.
  * Provide and Replace: ndiff
.
nmap (5.00-2) unstable; urgency=low
.
  * rules: fix dependencies for -j.  Closes: #541984
  * Conflicts: ndiff.  Different enough to not warrant Replaces.
    Closes: #542054
  * new config.guess, updated rules for same.  Closes: #542079
.
nmap (5.00-1) unstable; urgency=low
.
  * new upstream
.
nmap (4.76-0ubuntu4) jaunty; urgency=low
.
  * No-change rebuild to fix lpia shared library dependencies.
.
nmap (4.76-0ubuntu3) jaunty; urgency=low
.
  * debian/{rules,zenmap.dirs}: install zenmap.xpm into the correct directory,
    fixes broken icon in the menu (LP: #335169)
  * debian/zenmap.files: the zenmap/pixmaps/radialnet/ directory was not
    installed, fixes crash due to missing pixmap (LP: #335166)
  * Makefile.in: added --install-layout=deb to setup.py install, fixes FTBFS
.
nmap (4.76-0ubuntu2) jaunty; urgency=low
.
  * debian/nmap.files: Included missing 'UPnP-info.nse' file needed to fix
    script scan (LP: #319656).
.
nmap (4.76-0ubuntu1) jaunty; urgency=low
.
  * New upstream release (LP: #268996)
  * Edit broken links in debian/nmap.files, debian/zenmap.dirs,
    debian/zenmap.files
  * Edit path to pixmaps in debian/rules
.
nmap (4.62-1ubuntu1) intrepid; urgency=low
.
  * Drop liblua5.1-dev build dependency, it's in universe.
.
nmap (4.62-1) unstable; urgency=low
.
  [fyodor]
.
  * new upstream release
.
  [Davide]
.
  * create an desktop file for zenmap.  Closes: #457799
  * remove useless file /usr/bin/uninstall_zenmap.  Closes: #474511
.
nmap (4.60-1) unstable; urgency=low
.
  [bmenrigh]
.
  * Tandberg MXP Video Conference appliance telnetd.  Thanks to Tom Sellers
  * Dropping stray '*' on previous Tandberg MXP match line.
.
  [doug]
.
  * New match line for another version of VxWorks FTPd
  * AXIS webcam ftpd standardisation. Thanks to Lionel Cons
  * vsftpd 00PS->OOPS patch from Kris
.
  [david]
.
  * Fix a typo in MACLookup.cc: corolation -> correlation.
.
nmap (4.60-0) unstable; urgency=low
.
  * New upstream release.  Upstream URL changes to http://nmap.org/
.
nmap (4.53-3) unstable; urgency=low
.
  * zenmap: python 2.5 has python-pysqlite2
.
nmap (4.53-2) unstable; urgency=low
.
  * zenmap: Depends: python-{gtk2,gobject}.  Closes: #466595
.
nmap (4.53-1) unstable; urgency=low
.
  [LaMont Jones]
  * Package New upstream release.
  * Cherry pick post-4.53 patches from [fyodor].  Closes: #459884
    - remove instances of .nse to prevent the docbook man page translation
      from wrongly including that string at the beginning of lines, which causes
      errors because nroff confuses it with the .ns nroff no-space mode command
    - regenerate man page -- remove instances of .nse to prevent the
      docbook man page translation from wrongly including that string at the
      beginning of lines, which causes errors because nroff confuses it with
      the .ns nroff no-space mode command
.
  [stoiko]
.
  * if nse's connect is issued on an open socket, close the old
    connection before
  * move the check, wheter a socket is open, before connecting it again to
    l_nsock_queued() - otherwise there are problems with the returned values..
.
  [fyodor]
.
  * qualify fingerprint name
  * spell-check, add 4.50 release announcement
  * improve a mysql signature (suggested by Lionel Cons)
  * sorting change, I think
  * remove a duplicate for rpc number 536870916, userd or vtsk.  I kept vksd
    though without much research.  I'm open to comments from people who think
    we should keep userd instead.
  * Added rpcinfo.nse script, which contacts a listening RPC portmapper
  * improve nginx detection. patch from Sven Klemm.
    See http://seclists.org/nmap-dev/2007/q4/0682.html
  * remove claim that using -v more than twice has no extra effect
  * o Fix a bunch of warning/error messages which contained an extra
  * o Fixed our Winpcap installer so that it waits for a Winpcap uninstall
  * o Fixed Winpcap installer to install the right version of Packet.dll
  * Update changelog and version numbers in preparation for 4.51BETA release
  * fix version number
  * update some links
  * update copyright line at the top of files from 1996-2006 to 1996-2008
  * remove duplicate crediting in an entry
  * o Fixed Nmap Winpcap installer to use CurrentVersion registry key on
  * add _ to the allowed workgroup name regex for netbios-ssn matchlines.
    Thanks to Bill Jaeger for the suggestion and partial patch
  * Update changelog, version numbers in prep for Nmap 4.52 release
  * trivial CHANGELOG adjustment
  * applied an nginx http proxy signature patch from Sven Klemm
  * Fix a problem which prevented proper port number matching in
    port_or_service() because the port variable passed to portnumber is
    shadowed by the variable passed during portrule check.  Report and
    patch are from Sven Klemm
  * o Improved rpcinfo.nse to better sort and display available RPC
  * Remove own ntohl() and use packet.u32() instead.  Patch from Sven Klemm
  * o Added UPnP-info NSE script by Thomas Buchanan. It gathers
  * o Impoved Windows executable installer by making uninstall work better
  * update version number and changelog in prep for upcoming 4.53 release
.
  [kris]
.
  * recommitting my r6499: "fix robots.nse output: remove robots.txt
    comments on disallowed entry lines"
  * Adding my strftime()-like conversion extensions to the logging functions
    (-oA, -oX, etc).  This contains a CHANGELOG entry and refguide changes
    which (hopefully) sum it up pretty well.
  * okay, a change to r6530: the current %R and %T are being removed as
    colons are invalid chracters in Windows and Mac OS X filenames (thanks to
    jah for pointing out the problem on Windows).  What was %r and %t are now
    the new %R and %T.  All this means is that %r and %t are gone, and %R/%T
    are the same as with strftime() but without colons
  * adding CHANGELOG entry for r6529 (robots.nse output fix)
  * Add CHANGELOG entry for r6558: "Fix Zenmap crash when selecting Help from
    the Compare Results window.  Path wasn't imported"
  * Adding new MySQLinfo NSE script for printing MySQL server information
  * Upgrading libpcre from version 7.2 to 7.4.  Tested on Linux and Windows
  * Fixing build problem on Mac OS X; my mistake (typo)
  * adding nmap.fetchfile() function so scripts can find the nmap-* data files
  * updating rpcinfo.nse to use nmap.fetchfile() instead of having the huge
    RPC table
  * o Fixed multiple NSE scripts that weren't always properly closing their
.
  [ejlbell]
.
  * Traceroute bugfix for when the first hop of the first host in a
    tracegroup (reference trace) times out. The previous patch did not
    completely solve the issue due to an erronous check on the ttl, now we
    use a dedicated boolean flag. Thanks to Sebastián García for the bug
    report and testing.
.
  [david]
.
  * Document Zenmap r6535 in CHANGELOG.
  * Escape OS fingerprints when writing them to an XML log. OS fingerprint don't
  * Consider Windows paths starting with \ absolute when used with the
    --script option.
  * Document Zenmap r6539 in CHANGELOG.
  * Give credit for some recent CHANGELOG entries.
  * Use just PAGE_READWRITE, not PAGE_READONLY | PAGE_READWRITE in the call to
  * Fix the message printed when a host is skipped, for example on Windows when
  * Use the filename tag for file name extensions in zenmap.xml.
  * Fixed an error that showed itself on Windows when attempting to scan
.
  [doug]
.
  * Small bug in Polycom ViewStation match line
  * Changed some protocol names to remove trailing
  * Updated the IRC server info script to handle services
  * s modifiers added to many match lines.
  * I've seen "OpenBSD identd" on a linux box so I
  * Renamed irc-serv protocols to irc and added a couple
  * Moved BIND match line above a "catch all" line.
  * NSE --host-timeout support
  * NSE run-time interaction support
  * New OfficeScan probe from Tom Sellers
.
nmap (4.50-4) unstable; urgency=low
.
  * control: zenmap Depends: python-pysqlite2.  Closes: #457694
.
nmap (4.50-3) unstable; urgency=low
.
  * use global copyright file for zenmap
.
nmap (4.50-2) unstable; urgency=low
.
  * copyright: incorporate remaining copyright info from upstream
.
nmap (4.50-1) unstable; urgency=low
.
  [Fyodor]
.
  * New upstream release.  Many changes.  Closes: #456232
.
  [LaMont Jones]
.
  * debian/rules: nmapfe migration
  * build: properly target install
  * build: finish cleaning up the build process, I hope.
  * meta: drop usr/share/pixmaps/ubuntu.svg, collides with gnome-screensaver
  * meta: zenmap Conflicts/Replaces/Provides nmapfe
  * rules: sed hack: remove build directory from python code
.
nmap (4.49~rc7-1) experimental; urgency=low
.
  * New upstream
.
nmap (4.49~rc6-1) experimental; urgency=low
.
  * New upstream release
.
nmap (4.20-3) unstable; urgency=low
.
  * build: make clean target really clean things.  Closes: #442687
  * debian/rules: remove bashisms
.
nmap (4.20-2) unstable; urgency=low
.
  * nmapfe: desktop file cleanup, validation, deliver icon.  Closes: #421347
  * metadata: document git repository
.
nmap (4.20-1) unstable; urgency=low
.
  * New upstream version
.
nmap (4.11-2) unstable; urgency=low
.
  * cleanup warnings
.
nmap (4.11-1) unstable; urgency=low
.
  * New upstream version
.
nmap (4.10-1) unstable; urgency=low
.
  * New upsteam version
.
nmap (4.03-3) unstable; urgency=low
.
  * Add missing Replaces.  Closes: #365378
.
nmap (4.03-2) unstable; urgency=low
.
  * deliver nmapfe.desktop as part of the nmapfe package.  Closes: #306373
  * don't strip nmap in Makefile, let dh_strip do that in debian/rules.
    Closes: #304202
.
nmap (4.03-1) unstable; urgency=low
.
  * New upstream.
.
nmap (4.00-2) unstable; urgency=low
.
  * uh... lets try "unstable"
.
nmap (4.00-1) experimental; urgency=low
.
  * New upstream release
.
nmap (3.9999-0) experimental; urgency=low
.
  * New upstream version
.
nmap (3.95-2) unstable; urgency=low
.
  * Use libpcap0.8-dev
.
nmap (3.95-1) unstable; urgency=low
.
  * New upstream
.
nmap (3.93-1) unstable; urgency=low
.
  * New upstream
.
nmap (3.90-1) unstable; urgency=low
.
  * New upstream release.
.
nmap (3.81-2) unstable; urgency=low
.
  * Fix FTBFS when DEB_BUILD_OPTIONS specified.  Closes: #308583
    Thanks Tollef Fog Heen.
.
nmap (3.81-1) unstable; urgency=low
.
  * New upstream version.
.
nmap (3.75-1) unstable; urgency=low
.
  * New upstream version.  Closes: #277924
.
nmap (3.70-1) unstable; urgency=low
.
  * New upstream version.  Closes: #270697
    Fixes build-detection for k*bsd-gnu.  Closes: #266901
    Updated copyright.  Closes: #266205
  * Update package description
.
nmap (3.55-1) unstable; urgency=low
.
  * New upstream.  Closes: #258757
.
nmap (3.50-1) unstable; urgency=low
.
  * New upstream version.  Closes: #229275
.
nmap (3.48-2) unstable; urgency=low
.
  * Add missing build-depends.
.
nmap (3.48-1) unstable; urgency=low
.
  * New upstream version.  Closes: #217501
.
nmap (3.45-1) unstable; urgency=low
.
  * New upstream release.  Closes: #201777, #196418, #195463, #165621
.
nmap (3.27-1) unstable; urgency=low
.
  * New upstream version.  Closes: #193909, #149393, #146581
  * Fix CXXFLAGS.  Closes: #189021
  * Change man page from \' to ' for quotes.  Closes: #143975
.
nmap (3.20-1) unstable; urgency=low
.
  * New upstream version.  Closes: #184414, #188468, #172618, #144089, #164211
.
nmap (3.10.ALPHA4-1) unstable; urgency=low
.
  * New upstream version
  * Deliver upstream changelog.  Closes: #155836
.
nmap (3.00-0.1) unstable; urgency=low
.
  * New upstream version.  Use an NMU version number just for elmo.
    Closes: #152907, #155598, #151375
.
nmap (2.54.33.BETA-1) unstable; urgency=low
.
  * New upstream version. Lots of OS fingerprint updates.  Closes: #145031
.
nmap (2.54.32.BETA-1) unstable; urgency=low
.
  * New upstream version.
.
nmap (2.54.31.BETA-1) unstable; urgency=low
.
  * New upstream version.  Closes: #117675, #132907.
  * Remove /usr/share/doc/nmap/html.  Closes: #107358.
.
nmap (2.54.30.BETA-1) unstable; urgency=low
.
  * New upstream version.  Closes: #115797
.
nmap (2.54.28.BETA-1) unstable; urgency=low
.
  * New upstream version.  Closes: #102920
  * Roll to current standards-version.
  * Remove -g from options unless DEB_BUILD_OPTIONS includes 'debug'.
.
nmap (2.54.27.BETA-1) unstable; urgency=low
.
  * New upstream version.
.
nmap (2.54.25.BETA-1) unstable; urgency=low
.
  * New upstream version.
.
nmap (2.54.22.BETA-2) unstable; urgency=low
.
  * PARISC support.  New config.guess, config.sub, and printf fixes
    for gcc 3.0.
.
nmap (2.54.22.BETA-1) unstable; urgency=low
.
  * New upstream beta.  Closes: #90553.
  * Add Build-Depends: header.
.
nmap (2.54-0.beta7.1) unstable; urgency=low
.
  * New upstream version (beta). Closes: #71642.
  * Correct reference to X Window System.  Closes: #76076.
  * Appears to fix segfault in nmapfe (unable to reproduce).
    Closes: #76019.
.
nmap (2.53-5) unstable; urgency=low
.
  * Fix xnmap man page.  Closes: #65016
.
nmap (2.53-3) unstable; urgency=low
.
  * Link with libgtk1.2 (not libgtk1).  Closes: #64705, #64709
.
nmap (2.53-2) unstable; urgency=low
.
  * Fix xnmap man page.  Closes: #64689.
.
nmap (2.53-1) unstable; urgency=low
.
  * New upstream beta release, closes: #61350, #59955, #61043, #60588, #63709
  * man pages for xnmap and nmapfe, closes: #62858
  * 2.12-5 didn't make it into frozen.  closes: #59955
  * switch from dh_dhelp to doc-base; makefile cleanup
.
nmap (2.3BETA14-0) unstable; urgency=low
.
  * New upstream beta release, closes: #60344
.
nmap (2.12-5) frozen; urgency=low
.
  * Don't deliver man pages into /usr/man.  Closes: #59955
.
nmap (2.12-4) frozen; urgency=low
.
  * New nmap-os-fingerprints and nmap-services files.  Closes #54143.
.
nmap (2.12-3) unstable; urgency=low
.
  * bad configure command for libpcap-possiblymodified (Bug#38739)
.
nmap (2.12-2) unstable; urgency=low
.
  * Add dhelp support: fixes 31162
.
nmap (2.12-1) unstable; urgency=low
.
  * new maintainer, many thanks to Bdale for packaging the previous versions.
  * new upstream version, corrects 34039.
  * Correct copyright file (closes 35848).
.
nmap (2.02-1) unstable; urgency=low
.
  * new upstream version
  * merge README.debian into copyright file, update to reflect current source
    location
.
nmap (1.51-2) unstable; urgency=low
.
  * fixed file overlap created by new upstream source, closes 25347
.
nmap (1.51-1) unstable; urgency=low
.
  * new upstream version
.
nmap (1.49-1) frozen unstable; urgency=low
.
  * new upstream source, includes fix that closes 17115
  * use existing libpcap shared lib instead of static linking a local copy
  * fix dependency specification
.
nmap (1.36-1) frozen unstable; urgency=low
.
  * new upstream source, mostly bug fixes and cleanups
  * fix typos in control file, closes 18950
.
nmap (1.30-1) unstable; urgency=low
.
  * initial release
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants