Your message dated Wed, 14 Mar 2007 21:47:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#403855: fixed in john 1.6-40.1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: john Version: 1.6-40 Severity: important Tags: security I note the following changelog entry: - Added /var/run/john to DEB_FIXPERMS_EXCLUDE: the location needs to be safe from normal user reading If any versions were uploaded to unstable which had /var/lib/john set to any mode besides 0700, then dpkg will not have updated the directory to the mode used by new .debs. The closest fix to a proper one is probably to postinst, to be run after every configuration of an instance of a package: dpkg-statoverride --list /var/run/john >/dev/null || chmod -v 0700 /var/run/john
--- End Message ---
--- Begin Message ---Source: john Source-Version: 1.6-40.1 We believe that the bug you reported is fixed in the latest version of john, which is due to be installed in the Debian FTP archive: john_1.6-40.1.diff.gz to pool/main/j/john/john_1.6-40.1.diff.gz john_1.6-40.1.dsc to pool/main/j/john/john_1.6-40.1.dsc john_1.6-40.1_i386.deb to pool/main/j/john/john_1.6-40.1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Kevin B. McCarty <[EMAIL PROTECTED]> (supplier of updated john package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 14 Mar 2007 17:06:16 -0400 Source: john Binary: john Architecture: source i386 Version: 1.6-40.1 Distribution: unstable Urgency: high Maintainer: Guilherme de S. Pastore <[EMAIL PROTECTED]> Changed-By: Kevin B. McCarty <[EMAIL PROTECTED]> Description: john - active password cracking tool Closes: 375850 403855 412797 Changes: john (1.6-40.1) unstable; urgency=high . * Non-maintainer upload. * High-urgency for RC bugfix. * The following bug fixes are mostly cherry-picked from an omnibus patch by Justin Pryzby <[EMAIL PROTECTED]>: * Complete rewrite of maintainer scripts to neither remove nor edit conffiles (Closes: #375850) - the debconf settings are not necessary for package operation, so just don't use debconf, and remove debconf-related files from debian directory (incidentally closes: #412797) - preserves settings in preinst, rather than moving conffiles to foo.old - do the conffile relocation in preinst (not postinst, which inhibits dpkg diffs when they should be displayed) - the cronjob in /etc/cron.d does nothing if the executable isn't +x, so doesn't need to be commented out on uninstallation - minor edits to debian/README to reflect these changes * Set /var/run/john to mode 0700 in postinst configure unless a dpkg-statoverride exists (Closes: #403855) * On uninstallation, remove restore file from /var/lib, not /usr/share; and do so in postrm remove, not prerm remove. On upgrade, if restore file exists in /usr/share but not in /var/lib, move it in postinst. Files: f08ed4eb6c53721b853d44c0e818481f 631 admin optional john_1.6-40.1.dsc b2bdb2bbd32c91a30ed12b2a26bcc76c 23226 admin optional john_1.6-40.1.diff.gz 0b820156bd01d20ce2ebf7996fa0cafc 544694 admin optional john_1.6-40.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF+Gn5fYxAIk+Dx1ERAjFkAJ42MbOy6JkCJmnzAUx+dZrn/rEb8QCfe7om yt+97jP3tppHLBJOWx6bBcY= =7tyi -----END PGP SIGNATURE-----
--- End Message ---
