Bug#537155: marked as done (possible error in README.Debian)

Wed, 22 Jul 2009 05:57:15 -0700 

Your message dated Wed, 22 Jul 2009 12:17:14 +0000
with message-id <[email protected]>
and subject line Bug#537155: fixed in libpam-ssh 1.92-7
has caused the Debian Bug report #537155,
regarding possible error in README.Debian
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
537155: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537155
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: libpam-ssh
Version: 1.92-6
Severity: minor

Hello,

README.Debian mentions (at the end):

,----
| Yet another way to use pam_ssh is to change /etc/pam.d/login to
|
|   ...
|   auth required pam_ssh.so
|   ...
|   @include common-session
|   @include ssh-session
|   ...
|
| which will unconditionally ask the user for a SSH passphrase, and only
| authenticate the user if this passphrase decrypts any of the SSH keys
| in $HOME/.ssh/login-keys.d/.
`----

Shouldn't it be:

session optional pam_ssh.so

instead of:

@include ssh-session

(which doesn't exist anyway)

?

Regards,
Andrei


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=ro_RO.UTF-8, LC_CTYPE=ro_RO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libpam-ssh depends on:
ii  libc6                         2.9-12     GNU C Library: Shared libraries
ii  libpam0g                      1.0.1-9    Pluggable Authentication Modules l
ii  libssl0.9.8                   0.9.8k-3   SSL shared libraries

Versions of packages libpam-ssh recommends:
ii  openssh-client [ssh-client]   1:5.1p1-6  secure shell client, an rlogin/rsh

libpam-ssh suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: libpam-ssh
Source-Version: 1.92-7

We believe that the bug you reported is fixed in the latest version of
libpam-ssh, which is due to be installed in the Debian FTP archive:

libpam-ssh_1.92-7.diff.gz
  to pool/main/libp/libpam-ssh/libpam-ssh_1.92-7.diff.gz
libpam-ssh_1.92-7.dsc
  to pool/main/libp/libpam-ssh/libpam-ssh_1.92-7.dsc
libpam-ssh_1.92-7_i386.deb
  to pool/main/libp/libpam-ssh/libpam-ssh_1.92-7_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jens Peter Secher <[email protected]> (supplier of updated libpam-ssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 22 Jul 2009 13:59:21 +0200
Source: libpam-ssh
Binary: libpam-ssh
Architecture: source i386
Version: 1.92-7
Distribution: unstable
Urgency: low
Maintainer: Jens Peter Secher <[email protected]>
Changed-By: Jens Peter Secher <[email protected]>
Description: 
 libpam-ssh - Single sign-on via private SSH key
Closes: 535877 537155
Changes: 
 libpam-ssh (1.92-7) unstable; urgency=low
 .
   * Avoid leaking user names, see CVE-2009-1273.
     (Closes: 535877)
   * Do not refer to non-existing session config file in README, thanks
     to Andrei Popescu.
     (Closes: 537155)
Checksums-Sha1: 
 5c1028c7edef2e0347ef3c29ed807c0980e818be 1274 libpam-ssh_1.92-7.dsc
 23fb2684990daa37b292786d2a495f31a87e9ebf 19555 libpam-ssh_1.92-7.diff.gz
 d35056a11237f98eb879db55e9fe8c2e72c40747 50912 libpam-ssh_1.92-7_i386.deb
Checksums-Sha256: 
 b2e6c19970116d896886acd04d037233b33014a52e8c6b228f95211e99c440d8 1274 
libpam-ssh_1.92-7.dsc
 d88a4f0e03109ce663c3bf559f76c3c0fb567fd90d78a4ae6196fa43ab676ef4 19555 
libpam-ssh_1.92-7.diff.gz
 7dd3647b2be8dc633b7205bde8b5409a7dbb7fc666b4d648972ba78b6460c021 50912 
libpam-ssh_1.92-7_i386.deb
Files: 
 b6986a101a30248860761a6668119052 1274 admin optional libpam-ssh_1.92-7.dsc
 ae5a94db55d27be8978e0230240558a9 19555 admin optional libpam-ssh_1.92-7.diff.gz
 3980515496d7d766b3bf9c2bf9217766 50912 admin optional 
libpam-ssh_1.92-7_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iJwEAQECAAYFAkpnAekACgkQiFVdEFPVQL/cNgP/YIgXeW4ueaaF2+ZEOgDJAtd8
65HBZ0ddxPgciiD9Qps8KssS63o2xX8qZIlCnTFJs5NRsXaG17wNotW7ZBvBryMH
7GAquNGXsm+Ktp5/lAEv8PNqCosjhPdhNp8FFaFwgGTbJvKyidkHvqyhyWeki0u7
ge8U+/LHYDggDUf5KeE=
=F0d4
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to