Your message dated Sat, 10 Jun 2006 10:47:11 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#368414: fixed in ejabberd 1.1.1-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ejabberd
Version: 1.0.0-2
Severity: critical
Justification: breaks unrelated software

RC abuse of /etc/ssl/certs, rendering certificate validation
inoperable.

There are two problems with this package's use of /etc/ssl/certs:

    * Files in /etc/ssl/certs must be a+r
      - GNUTLS reads files in /etc/ssl/certs, and will not verify a
        remote certificate once it encounters an unreadable file in
        /etc/ssl/certs.

      - OPENSSL also must read files in /etc/ssl/certs, but seems to
        be more forgiving of errors incurred in the process.

    * This package combines the key and cert into one file - which
      of course means it can't be world readable... and therefore should
      not be in /etc/ssl/certs.  At least the key file should be in some
      package private /etc/ directory - with the appropriate
      permissions.

      You can still use a combined file, but it just needs to be
      elsewhere.

I noticed this when I couldn't connect to my corporate LDAP servers
using ldaps://, but the breakage is going to be further spread (likely any
GNUTLS client app needing to look up certificate chains).

-- System Information:
Debian Release: testing/unstable
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages ejabberd depends on:
ii  erlang-base-hipe [erlang-runt 1:10.b.9-4 Erlang base system (virtual machin
ii  erlang-nox                    1:10.b.9-4 Concurrent, real-time, distributed
ii  libc6                         2.3.6-9    GNU C Library: Shared libraries
ii  libexpat1                     1.95.8-3.2 XML parsing C library - runtime li
ii  libssl0.9.7                   0.9.7i-1   SSL shared libraries
ii  openssl                       0.9.8b-2   Secure Socket Layer (SSL) binary a

ejabberd recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: ejabberd
Source-Version: 1.1.1-3

We believe that the bug you reported is fixed in the latest version of
ejabberd, which is due to be installed in the Debian FTP archive:

ejabberd_1.1.1-3.diff.gz
  to pool/main/e/ejabberd/ejabberd_1.1.1-3.diff.gz
ejabberd_1.1.1-3.dsc
  to pool/main/e/ejabberd/ejabberd_1.1.1-3.dsc
ejabberd_1.1.1-3_i386.deb
  to pool/main/e/ejabberd/ejabberd_1.1.1-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Torsten Werner <[EMAIL PROTECTED]> (supplier of updated ejabberd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 10 Jun 2006 18:13:34 +0200
Source: ejabberd
Binary: ejabberd
Architecture: source i386
Version: 1.1.1-3
Distribution: unstable
Urgency: low
Maintainer: Torsten Werner <[EMAIL PROTECTED]>
Changed-By: Torsten Werner <[EMAIL PROTECTED]>
Description: 
 ejabberd   - Distributed, fault-tolerant Jabber/XMPP server written in Erlang
Closes: 368414
Changes: 
 ejabberd (1.1.1-3) unstable; urgency=low
 .
   [ Sergei Golovan ]
   * moved ejabberd SSL certificate from /etc/ssl/certs to /etc/ejabberd,
     closes: #368414
 .
   [ Torsten Werner ]
   * upload to unstable
Files: 
 38be007b62330b05bf025e34e98b829e 697 net optional ejabberd_1.1.1-3.dsc
 71536a5e87fe5fcb9fa4f11ed63538a4 12067 net optional ejabberd_1.1.1-3.diff.gz
 8ec0120f6eedb1b3a03b9f7c0e72a536 801038 net optional ejabberd_1.1.1-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEiwOvfY3dicTPjsMRArBAAJ4gTyZ8QKd+oecxtigQlNIr8WYaawCeIp0n
/wUUm8x3lmJCz3pfFcvNX7s=
=/ouC
-----END PGP SIGNATURE-----


--- End Message ---
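
A check for the two conditions the report describes (a file in the CA directory that is not a+r, and a private key stored there), as an added example that is not part of the original thread. The function names, file names and sample directory are constructed for illustration, and a `find` that supports `-maxdepth` is assumed.

```shell
#!/bin/sh
# Added example: audit a CA directory for the two problems in the bug report.

# Files directly under DIR (symlinks followed) that are not a+r.
unreadable_certs() {
    find -L "$1" -maxdepth 1 -type f ! -perm -444 -print
}

# Files directly under DIR that contain a PEM private key block.
# grep -l exits non-zero when nothing matches, so force success.
keys_in_cert_dir() {
    find -L "$1" -maxdepth 1 -type f \
        -exec grep -l -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' {} + 2>/dev/null || true
}

# Print one finding per line; return 1 if there is any finding, else 0.
audit_cert_dir() {
    report=$(
        unreadable_certs "$1" | sed 's/^/NOT-A+R /'
        keys_in_cert_dir "$1" | sed 's/^/PRIVATE-KEY /'
    )
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    return 0
}

# Constructed sample: one normal CA file plus a combined key+cert file (0600),
# which is the layout the report describes. Contents are placeholders.
make_sample_dir() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'placeholder' \
        '-----END CERTIFICATE-----' > "$d/ca.pem"
    { cat "$d/ca.pem"
      printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'placeholder' \
          '-----END RSA PRIVATE KEY-----'; } > "$d/combined.pem"
    chmod 644 "$d/ca.pem"
    chmod 600 "$d/combined.pem"
    printf '%s\n' "$d"
}

sample=$(make_sample_dir)
audit_cert_dir "$sample" || echo "findings in $sample"
rm -rf "$sample"
```

On a real system the argument would be /etc/ssl/certs; the check compares mode bits rather than the caller's own access, so it reports the same findings when run as root.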