Your message dated Tue, 05 Feb 2013 22:47:32 +0000
with message-id <e1u2ria-00048w...@franck.debian.org>
and subject line Bug#699856: fixed in dynalogin 0.9.14-2
has caused the Debian Bug report #699856,
regarding incorrectly refuses to authenticate in some circumstances
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
699856: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699856
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libdynalogin-1-0
Version: 0.9.14-1
Severity: serious
In some circumstances, the algorithm fails to authenticate a valid user
presenting a valid code.
This appears to be occurring because the expected behavior of the
oath_strcmp function is not identical to regular strcmp, negative return
values are being handled as errors.
There is no security risk or risk of giving access when a user should
not have access.
The solution involves testing the strcmp return value and is a minor
change (~2 lines)
--- End Message ---
--- Begin Message ---
Source: dynalogin
Source-Version: 0.9.14-2
We believe that the bug you reported is fixed in the latest version of
dynalogin, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 699...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Pocock <dan...@pocock.com.au> (supplier of updated dynalogin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 05 Feb 2013 23:25:37 +0100
Source: dynalogin
Binary: libdynalogin-1-0 dynalogin-server dynalogin-client-php
simpleid-store-dynalogin
Architecture: source all amd64
Version: 0.9.14-2
Distribution: unstable
Urgency: low
Maintainer: Debian Authentication Maintainers
<pkg-auth-maintain...@lists.alioth.debian.org>
Changed-By: Daniel Pocock <dan...@pocock.com.au>
Description:
dynalogin-client-php - two-factor HOTP authentication - PHP client
dynalogin-server - two-factor HOTP authentication - server daemon
libdynalogin-1-0 - two-factor HOTP authentication - implementation libs
simpleid-store-dynalogin - two-factor HOTP authentication - OpenID provider
Closes: 699856
Changes:
dynalogin (0.9.14-2) unstable; urgency=low
.
* Correct behavior of oath_callback (Closes: #699856)
* Tweak title and description text
* Update control file for migration from collab-maint to pkg-auth
* Remove deprecated DM-Upload-Allowed
Checksums-Sha1:
501a921a99bcc54722a71824e6cbc1c5035ac8bc 2184 dynalogin_0.9.14-2.dsc
823758e73da4113f883979958f2f387ec24474dd 4189 dynalogin_0.9.14-2.diff.gz
e93a0f25bb3945757c614eb43fb65a91b817f523 2608
dynalogin-client-php_0.9.14-2_all.deb
4c2fd97de60beeec4678074eae46e20d2d0af3ae 9862
simpleid-store-dynalogin_0.9.14-2_all.deb
04c42e62e6053fed753bde0f6dd52d5c5c8a24ec 22828
libdynalogin-1-0_0.9.14-2_amd64.deb
61cc5d0528a06c860d1ac8bbb09bba31471ab6d2 12926
dynalogin-server_0.9.14-2_amd64.deb
Checksums-Sha256:
00a574dcbc601d37ac1ed3e5dd46d913da18b3168b35b18a5e70b1825895adbf 2184
dynalogin_0.9.14-2.dsc
cd830c50a205062acb27a9aa0982681f4488c6c5e89943aaa73162585c9da09f 4189
dynalogin_0.9.14-2.diff.gz
faa623df168e66b43b53e621833179bbc6af11535ee511f2447eebd1962b8be2 2608
dynalogin-client-php_0.9.14-2_all.deb
316f717c2c19238cda921370d320889084afcc4dd7733e0038fb7baf569781ef 9862
simpleid-store-dynalogin_0.9.14-2_all.deb
37c436237074c427787555257767ab6dc426f119f9b32f76579718f7f3e1c445 22828
libdynalogin-1-0_0.9.14-2_amd64.deb
ef4cc6a0aa4f68f210a5e624b42aade235972186b5698d0640519a37efab9f38 12926
dynalogin-server_0.9.14-2_amd64.deb
Files:
705bee5ef588ce02c7cd4643796684b0 2184 admin optional dynalogin_0.9.14-2.dsc
2eab48218aedecbec532ba6e0f1982e9 4189 admin optional dynalogin_0.9.14-2.diff.gz
ea173e5bd73729366a00199302afa586 2608 web optional
dynalogin-client-php_0.9.14-2_all.deb
bd8a86599e73e0f502e85f4e2585e6c8 9862 web optional
simpleid-store-dynalogin_0.9.14-2_all.deb
44bcee723981c80e9df603768ba7f67d 22828 libs optional
libdynalogin-1-0_0.9.14-2_amd64.deb
1c1a95d37e30ed36b77ea1103077ec6e 12926 admin optional
dynalogin-server_0.9.14-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJREYjyAAoJEOm1uwJp1aqD5noQAJNKsdmSJFCf2Nvi8ei/OlZY
5N1vwI4ru5JP8RHs2YlPW/pEB327net3ZBKLQSMcriMVm/K/KM+gLFOtB6CH+Av4
GUbcS5QmEDiJMN/PVfYtZ1jA/9Co+sRMs5fPdFOUN3zOJLH9tDQtm1swyxv+NY02
Ec9wx7CapTxk+FtxE3MNnuRYpxvoXNV8hehoJEY4nNiFu7ShNFtWPb/HMQJPvP1C
ic78CDEyScVrk3V5IlQ9ErO6uTFjR6C4prkdgtKuDkIwESWNULfe6EKFyKWR6Z6L
DY6o5VrW0n+imdJaMltDQswzt9lOM18Ki5fYlvrMyos7X1M4tCUoA0Gm6/q9Ct/f
WsOLYRsEO+WTTfdQQQ7cesxwrxZOOjLkNrq1AZZHdcQPjl3c3akAwfvS0fecd02B
cQwPRGmFHazXJCj8Eegfe1guXGpLTFvG47+0w2VHtOl5nQHnXimbnzwAIellhaPn
bCO1INlO6FOswPJemkH4sPynOw/KXcaS1MBlGA+vMUy34zFtpgx9JV3qlisPnPBf
s5s/YyzphM7iDylLdhIgQ9Ts46UTKmuqFmmQ32bLglGajeUtAdfKtt0lgLCb4rVL
wGOiYXR/iJpzstxuCSXBZtSW960JfNtOcRQG0zk9pZvpUVvbBGbKH9QoxFgdB/pR
nBljdJLXDzXqCkcD3j98
=YoeC
-----END PGP SIGNATURE-----
--- End Message ---
