Package: ferm
Version: 2.0.3-1
Severity: important
ferm.postinst of version 2.0.3-1 contains this:
# Automatically added by dh_installinit
if [ -x "/etc/init.d/ferm" ]; then
update-rc.d ferm start 41 S . start 36 0 6 . >/dev/null
Meanwhile the previous version was:
# Automatically added by dh_installinit
if [ -x "/etc/init.d/ferm" ]; then
update-rc.d ferm defaults >/dev/null
1.2.2-1 created the following symlinks after installation:
/etc# ls -l rc*.d/*ferm*
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc0.d/K20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc1.d/K20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc2.d/S20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc3.d/S20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc4.d/S20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc5.d/S20ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc6.d/K20ferm -> ../init.d/ferm
/etc#
After a 1.2.2-1 -> 2.0.3-1 upgrade symlinks remain intact, everybody is happy.
However in new installs we got this:
/etc$ ls -l rc*.d/*ferm*
lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc0.d/S36ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc6.d/S36ferm -> ../init.d/ferm
lrwxrwxrwx 1 root root 14 Mar 13 10:15 rcS.d/S41ferm -> ../init.d/ferm
/etc$
This may cause that after a normal boot (i.e runlevel=2) iptables are empty.
The init script probably does not run at all.
!!! Systems with newly installed ferm are vulnerable. !!!
Gabor
-- System Information:
Debian Release: 5.0.1
APT prefers proposed-updates
APT policy: (500, 'proposed-updates'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
