Your message dated Sat, 11 Dec 2021 17:32:07 +0000 with message-id <[email protected]> and subject line Bug#996266: fixed in btrbk 0.27.1-1.1+deb11u2 has caused the Debian Bug report #996266, regarding btrbk: Regression with security mitigation for CVE-2021-38173 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 996266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996266 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: btrbk Version: 0.27.1-1+deb10u1 Severity: normal Dear Maintainer, In the security upload for CVE-2021-38173 the ssh_filter_btrbk.sh script was changed. This, however, introduced a regression for me as my btrbk clients use the command sudo -n btrfs subvolume list -a -c -u -q -R /srv/backup However, ssh_filter_btrbk.sh only allows this pattern sudo -n btrfs subvolume list [0-9a-zA-Z_@+./-]* I.e., options to `btrfs subvolume list` are not permitted. I fixed this using this modified pattern: allow_exact_cmd "${sudo_prefix}btrfs subvolume list (${option_match}( ${option_match})*)? ${file_match}"; Best, Maximilian
--- End Message ---
--- Begin Message ---Source: btrbk Source-Version: 0.27.1-1.1+deb11u2 Done: Thorsten Alteholz <[email protected]> We believe that the bug you reported is fixed in the latest version of btrbk, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thorsten Alteholz <[email protected]> (supplier of updated btrbk package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 23 Nov 2021 20:03:02 +0100 Source: btrbk Architecture: source Version: 0.27.1-1.1+deb11u2 Distribution: bullseye Urgency: high Maintainer: Axel Burri <[email protected]> Changed-By: Thorsten Alteholz <[email protected]> Closes: 996260 996266 Changes: btrbk (0.27.1-1.1+deb11u2) bullseye; urgency=high . * Non-maintainer upload by the LTS Team. * regression fix for CVE-2021-38173 (Closes: #996260, #996266) Checksums-Sha1: fc6f6869cc05192ffd4ef5bb33bb78a6fa7475c7 2016 btrbk_0.27.1-1.1+deb11u2.dsc e9e92a009387576c26c86c2e8a91084aa39864a9 7452 btrbk_0.27.1-1.1+deb11u2.debian.tar.xz c20cfdfd7560f6a1b934dc20fe70fed1b79fe5dc 6467 btrbk_0.27.1-1.1+deb11u2_amd64.buildinfo Checksums-Sha256: e702724045300895b348a0550828c1f0ef07c061ac83f79a85ddfe2f7d6a414f 2016 btrbk_0.27.1-1.1+deb11u2.dsc a6e1d86cc9cda8cc0bf41652e2576caa5a982b0449071d120c167cbec8821599 7452 btrbk_0.27.1-1.1+deb11u2.debian.tar.xz 6240b5efc6c84c521e0d73a08c52c397208929e417ce73b3d427ae9daac14a0c 6467 btrbk_0.27.1-1.1+deb11u2_amd64.buildinfo Files: 80d2062a18b9711e4e824489d387bb81 2016 utils optional btrbk_0.27.1-1.1+deb11u2.dsc 0f67edd113a6d581755a3d6606aa33be 7452 utils optional btrbk_0.27.1-1.1+deb11u2.debian.tar.xz e04ff37d1b1c08876717fa7cd7d7c2bd 6467 utils optional btrbk_0.27.1-1.1+deb11u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmGz7xNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRy3GD/4nDrWKHm92jfC+yBQmAyJps6JpOlwX 9LtAN3uXVnprM5n3beQn8Vz4E8EHqY9dNawrKevrB1kRFwDAQO9R4j+Tynphc128 yAmi3GC/M34uTi42f3P4zOPZqVBwlU4bBN5ivFKnbfzOYFvHnOzyy9x+SFPajGUJ 9EYc+o/e+gASR8fmGGN3liMF6N1n7vJBxKC7DKuA2gAH2X3vKek13iabE6HqU8bi MX20nKhwXJlKnT762+gSKdzty8CI2cgUlq/goLRyZbfJw5IDnsXDvy1fa7BDTpUN erZjvnU9Ta2U0obmhx8DG3+ebOrxl9Cu2lCCh9Cbnwtt/SYFvJAxGr8cbOTTAxhn cXXvgDTAgN1fX35XmDxTe77iBtMkoPBOZNvk6zrNcinJ/oogo32OMXqEaCPecxqa 5yIQgDkUrzUbLnrPnAQ52lPHMqdEokfbCMkUvo+a6d9GgPN0O4OTgKbjPBez+8+T Pa+FOAMgOcGcWpED1XTULhhcyEkv+Qpjec4xhzyKsXU+LgXg5nQYied1i9Y1yy0Z x9gsWbKE4ADqEJ4+6wXpmbKQqHqQEZTQTvB2puJT68Msh/cDacOeO9wZYG/shg8h 8sQYmVrmDvY24bMQFoGiQhdeCamtVGT2XSR5vfdD8qRegQio3rbMfH8CYA3mzxcn Ok60F5nmu9XWEg== =i/F5 -----END PGP SIGNATURE-----
--- End Message ---
