Your message dated Tue, 02 Nov 2021 18:20:45 +0000 with message-id <e1mhyor-0005ql...@fasolo.debian.org> and subject line Bug#997977: fixed in monopd 0.10.2-5 has caused the Debian Bug report #997977, regarding /lib/systemd/system/monopd.service:8: Special user nobody configured, this is not safe! to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 997977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: monopd Version: 0.10.2-4 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: jason.lee.quinn+deb...@gmail.com, Debian Security Team <t...@security.debian.org> Dear Maintainer, Recently upgraded from Buster to Bullseye. I'm not perusing "journalctl --boot" looking for errors and warnings and submitting bug reports as I tend to do after a Debian upgrade. One of the curious lines in my journal logs was /lib/systemd/system/monopd.service:8: Special user nobody configured, this is not safe! This does indeed appear to be a valid systemd warning. See commit at https://github.com/systemd/systemd/commit/bed0b7dfc0070e920d00c89d9a4fd4db8d974cf0 Marked as grave as per bug descriptions in the reportbug tool (introduces a security hole). Cheers, Jason -- System Information: Debian Release: 11.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-9-amd64 (SMP w/12 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages monopd depends on: ii libc6 2.31-13+deb11u2 ii libgcc-s1 10.2.1-6 ii libmuparser2v5 2.2.6.1+dfsg-1 ii libstdc++6 10.2.1-6 ii libsystemd0 247.3-6 ii lsb-base 11.1.0 monopd recommends no packages. Versions of packages monopd suggests: ii gtkatlantic 0.6.3-1
--- End Message ---
--- Begin Message ---Source: monopd Source-Version: 0.10.2-5 Done: Markus Koschany <a...@debian.org> We believe that the bug you reported is fixed in the latest version of monopd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 997...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Koschany <a...@debian.org> (supplier of updated monopd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Nov 2021 18:56:50 +0100 Source: monopd Architecture: source Version: 0.10.2-5 Distribution: unstable Urgency: medium Maintainer: Debian Games Team <pkg-games-de...@lists.alioth.debian.org> Changed-By: Markus Koschany <a...@debian.org> Closes: 997977 Changes: monopd (0.10.2-5) unstable; urgency=medium . * Declare compliance with Debian Policy 4.6.0. * Use systemd's DynamicUser feature to sandbox monopd. Thanks to Jason L. Quinn for the report. (Closes: #997977) Checksums-Sha1: 56b945014eac6e548396408db5a649d90880ffde 2110 monopd_0.10.2-5.dsc 722a456ccfd48eae0bc99ebe1971c30f1ec9af42 19732 monopd_0.10.2-5.debian.tar.xz a73d94649e7edb86877d9aad46640dde469027f6 6242 monopd_0.10.2-5_amd64.buildinfo Checksums-Sha256: 7212b834d009922d2a13c3231a2b847824653e67295cca2964e10fb6ab0e40cd 2110 monopd_0.10.2-5.dsc 7189889e00264060b071136d71642e6ecb8f4f15d9dfe5f14fcfce43fa566388 19732 monopd_0.10.2-5.debian.tar.xz a6d46a17938603e09c6cd2e085d462a32d9f76f4a35489b45d4040ba0a74bb4a 6242 monopd_0.10.2-5_amd64.buildinfo Files: 87c737e1e6c2887a15469c2d0abc48f5 2110 games optional monopd_0.10.2-5.dsc 35955589dd261a53c089466ca85c7fcd 19732 games optional monopd_0.10.2-5.debian.tar.xz dd8fbfbe488867c7392d04c9ff47b14c 6242 games optional monopd_0.10.2-5_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmGBfFtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkPuAP/3+kAo4tlxcVqCUxIVo6iCC6rABAv+F4Nfaf 8+KSeWW7vFDKCAMBy1+FQSY5wIo3Qa24pYwrkafanGxVQSLt+nsErJrcMofEdQSi FAgFWXjJpp7PhElaoJj9V4ViQSW4o3lvAUBoxxmT+Qi58gFeqG5vavb0IbpMKREU BlIGIeXFzOlI7IYSp/C2QwviXkSiIobfs8VBIJgtWhiuWXstA2Bfag7Rg+HPelQ3 Jxhf+2qWV0mNjXcZYntKwmx1uHyJ2cvraKBqbz1CG9CaOhbZINKAfEAPAN6L6egl /ZGxIzG/qIZAHCmTVcnSlUPSvPyMlGqLn7Rxp1OYuYU7cWfCNopGSFtgzOVc5sQq BtMh0hsaA9uj8IE+FNCXyJ7k5cnT/E58hb45hanoSydeENrJhuVghKhQjP4C3Z/7 b53IClshXZoqnBz30MkBU5zjnL+NUbbH7yl3gLwi3WeWRxglwovJA4a5V9ySKmtO 6wcOtqm8/sKg2/izqzbU2Tt0CTY2cWHJVOpqscTCPDQdYkJ5ZjbqDsrdXRcO5qmS EsGNLiH2AOECDqgh9USXGPBUJaKJgMYqQkcgo0Cg3aWzUcjcbATyT4r/7C98wLmr Lv2u7jxRzzS6Zi+w/zoLoThQW716UPFCSbq5BxtoS8G3bZfGpTCvn/bATrYUw+dK 9pU8eRrp =SEbO -----END PGP SIGNATURE-----
--- End Message ---
