Bug#353306: Courier-IMAP -installation highly unfriendly and confusing

[Stefan Hornburg]

Mgr. Peter Tuharsky wrote:
> Package: courier-imap
> Version: 3.0.8-4sarge4
> 
> There is one BIG and confusing glitch with installing Courier IMAP
> server: it's the creation of Maildirs. If one dosen't know, how EXACTLY
> should they be created, there's no chance to get Courier IMAP working.
> Whatever greatly it is configured, it dosen't work, and no one knows
> why. Until he does have a good knowledge in RFC documents, and bet me
> there is not so much mankind that do.

It is sufficient to read the README.Debian documents installed with
courier-imap/courier.base. If you see need for improving these
documents, please let me know.

> 
> If the Courier only didn't create the dirs himself automatically! The
> user could then at least know that something is missing.
> However, he CREATES some dirs, and he does it in BAD way so that they,
> again, don't work. User should think "yes, he said that Maildirs are
> needed, and he created some now, so this is certainly not the problem
> that causes Courier not to work"
> 
> If one wants to run Courier, he should search and study RFC documents
> (!!!) regarding IMAP and create Maildirs by hand, exactly matching the
> describtion in RFC. Then suddenly, whoila, a miracle, Courier starts
> working.
> 
> I really DO think, that in 21th century, creation of proper directory
> structure SHOULD be held by package itself. Courier-imap should create
> proper Maildirs in /etc/skel and then politely ASK, if he should create
> them for existing users too.
> 

Many installations use Courier-IMAP with virtual users (authenticated
by MySQL, LDAP, Postgresql or UserDB), so they need different means of
directory creation.

> I don't desire to be unkind, but so far, Courier-IMAP has been the
> package with the worst installation I have ever met.
> 
> 

Thanks for taking my commitment seriously.

Racke


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#353963: please filter "couriertls: read: Connection timed out" in logcheck

[Stefan Hornburg]

martin f krafft wrote:
> Package: courier-imap-ssl
> Severity: wishlist
> 
> Please include the following line in
> /etc/logcheck/ignore.d.*/courier-imap-ssl:
> 
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ imapd-ssl: couriertls: read: Connection 
> timed out$

Can you please tell me under what circumstances this message appears ?

Bye
Racke



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#354355: New debian sympa package

[Stefan Hornburg]

Jean Charles Delepine wrote:
> Package: sympa
> Version: 5.1.2-cvs.20060224-0.1
> Severity: wishlist
> 
> Hello,
> 
> Please have a look to 
> 
> deb http://ldap.u-picardie.fr/~delepine/APT/sympa ./ 
> deb-src http://ldap.u-picardie.fr/~delepine/APT/sympa ./
> 
> It install and upgrade fine if mysql is used. Postgres is in the
> same state as in the old package.
> 
> 5.1.2-cvs.20060224-0.1 is based on sympa's stable cvs branch (only
> bugs fixes over 5.1.2), it's a good candidate for a long waited upload 
> to unstable.
> 
> I'd like to co-maintain this package with you. 

I already fixed a couple of issues for 5.1.2 in my private source tree.
I'll browse through your package and merge our efforts real soon now.

Thanks for your effort.

Bye
Racke


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#169102: Patch

[Stefan Hornburg]

Jeremy Malcolm wrote:

I think including this file in /etc/exim4/conf.d/routers/ should work?

### router/450_exim4-config_local_sympa_aliases
#

# This router handles aliasing using the /etc/mail/sympa.aliases file.

sympa_aliases:
  debug_print = "R: sympa_aliases for [EMAIL PROTECTED]"
  driver = redirect
  domains = +local_domains
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/mail/sympa.aliases}}
  user = sympa
  group = sympa
  file_transport = address_file
  pipe_transport = address_pipe
  directory_transport = address_directory



This looks like a good solution for this bug at the first glance.

Bye
Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#348826: DoS vulnerability

[Stefan Hornburg]

Steve Langasek wrote:

On Fri, Jan 20, 2006 at 08:20:30AM +0100, Philipp Kern wrote:



[EMAIL PROTECTED] wrote:


1.0.0 contains a security bug which was fixed
in yesterday's released mydns 1.1.0 version:




Next time please contact me in private before you file a bug, thanks. I
am generally quite responsive and your action wasn't too helpful. The
author does not want several information to be disclosed, that's why I
avoided a public bug report.



And yet if someone is filing a bug about it, the information in that report
is already public.  I don't see any reason why you should be bothered by
this, when it's obviously not your fault this information became public?



The information was already public before the Debian bug was reported,
so the submitter did the correct thing.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#352696: please add logcheck filters

[Stefan Hornburg]

martin f krafft wrote:

Package: sqwebmail
Severity: wishlist

There are probably more rules to come, but for now, please install
/etc/logcheck/ignore.d.server/sqwebmail with the following content:

  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sqwebmaild: 
/etc/courier/shared/index: No such file or directory


In fact, I should fix #287999 instead.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#340568: Error with HTMLAREA widget in UI

[Stefan Hornburg]

package: interchange-ui
version: 5.3.2-1

Bas Bezemer <[EMAIL PROTECTED]> reported an error with the HTMLAREA
widget in UI:

Upgrading from 5.2.1 to 5.3.2 i came into trouble with the htmlarea widget 
that comes with 532. At least in the latest firefox it will not appear and 
shows the following error in de javascript console:
Error: class is a reserved identifier
Source File: 
http://192.168.1.3/cgi-bin/pv/admin/text/text_edit.html?item_id=00431&id=gPkyV2D3&mv_pc=3188
Line: 557, Column: 38
Source Code:
 HTMLArea.replace('htmlarea_content', class="s3");

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#340576: Data Loss in Table Editor

[Stefan Hornburg]

package: interchange-ui
severity: grave
tags: confirmed

Creating a new item in the interchange UI with the sku of an existing
record overwrites this record.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#327022: Typo in makehosteddomains manual page

[Stefan Hornburg]

Hello, Sam !

Can you please apply the following patch in order to resolve Debian bug #327022
(typo in makehosteddomains manual page) ?

diff -u -r1.3 makehosteddomains.sgml
--- courier/doc/makehosteddomains.sgml  16 Dec 2003 01:19:02 -  1.3
+++ courier/doc/makehosteddomains.sgml  27 Nov 2005 14:21:26 -
@@ -132,7 +132,7 @@
 2) Create $HOME/.courier-default file in this account,
 containing the delivery instructions. See the
 dot-courier5
-manual page for avaiable delivery instructions.
+manual page for available delivery instructions.
 
   
 NOTE that [EMAIL PROTECTED] must be a real account, not a 
mail

Thanks
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#341205: courier-webadmin: unsecureok allows webadmin for everybody

[Stefan Hornburg]

Christian Gennerat wrote:

Package: courier-webadmin
Version: 0.47-11
Severity: important

A server is generally administred by a remote user.
creating the "unsecureok" files allows webadmin to everybody.

Solution:
Specify by a comma-separated, comma-ended list
the IP addresses of valid administrators


A better solution is to either use https:// or restrict access to the webadmin
through your webserver.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#341205: Can restrict administration

[Stefan Hornburg]

Christian Gennerat wrote:

Stefan Hornburg a écrit :

A better solution is to either use https:// or restrict access to the 
webadmin

through your webserver.



Yes, but it would be better to specify a list of adddresses than to open 
webadmin

to the whole local network, as it is suggested by the HowTo:

If you are not using SSL on your Apache server, you will need to add 
/etc/courier/webadmin/unsecureok, so you will be able to use your web 
based administration tool.


*touch /etc/courier/webadmin/unsecureok*


I'm certain Apache accepts IPs for access control. unsecureok is only
a workaround. Enabling SSL isn't a big deal either.




And the proposed patch is not very expansive !



But IMHO is unnecessary. If you think otherwise, send please your patch 
upstream.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#347967: Register link doesn't work anymore

[Stefan Hornburg]

package: interchange-ui

The register link in the Interchange UI (Administration/Preferences) doesn't 
work anymore.

Result on http://www.icdevgroup.org/i/dev/register.html:

Page Missing

The page you requested is missing!

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#349532: porting jfsutils to GNU/Hurd

[Stefan Hornburg]

On Mon, 23 Jan 2006 17:10:38 +0100
Manuel Menal <[EMAIL PROTECTED]> wrote:

> Package: jfsutils
> Version: 1.1.8-1.hurdfr.1
> Severity: normal
> Tags: patch
> 
> jfsutils has some portability issues that I needed to fix for GNU/Hurd.
> With this patch, the utils work fine on GNU/Hurd and GNU/Linux.

Thanks for your submission. Reported to the jfsutils tracker at Sourceforge,
request id 1413166.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#336156: bug in my patch

[Stefan Hornburg]

On Sat, 29 Oct 2005 22:13:05 +1000
Geoff Crompton <[EMAIL PROTECTED]> wrote:

> You may have noticed already, but the patch I submitted double declares
> $user.

Yes, I did. And I found more issues and hopefully fixed them all.
I release a new version ASAP.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#334920: courier-imap-ssl: DSO support routines:DLFCN_LOAD:could not load the shared library"

[Stefan Hornburg]

On Wed, 2 Nov 2005 20:27:06 +0100
Kurt Roeckx <[EMAIL PROTECTED]> wrote:

> reassign 334920 libssl0.9.8 0.9.8-1
> close 334920 0.9.8a-3
> thanks
> 
> I believe all those (merged) bugs should have been fixed by the
> new openssl (libssl0.9.8) 0.9.8a-3 upload.  Not really sure about
> #333896 though.

#333896 is most likely the same as the other ones.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#338221: courier-mta: Cannot store record for 127.0.0.1 - duplicate or out of disk space.

[Stefan Hornburg]

On Wed, 09 Nov 2005 17:18:16 +0100
Willi Mann <[EMAIL PROTECTED]> wrote:

> 
> > I was able to apt-get src courier-mta and run grep against it. I wasn't
> > sure which file exactly was responsible for having an extra 127.0.0.1.
> > My solution was to mv /etc/courier /etc/courier.orig, install everything
> > and then I simply copied the older smtpaccess/default file. I did not
> > modify it. So I'm not sure if this file is to blame.
> 
> So, can you diff -urN /etc/courier /etc/courier.orig, and look for 
> 127.0.0.1? Maybe that turns out the culprit.

Maybe there is a editor backup or other file within smtpaccess ?

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#338385: courier: [INTL:sv] Swedish PO-template translation

[Stefan Hornburg]

Daniel Nylander wrote:

Package: courier
Severity: wishlist
Tags: patch l10n


Here is the swedish translation for courier (pcp)


Where should I put this to have an effect ?

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#266771: courier-base: Please change log facility for courierlogger to something unique

[Stefan Hornburg]

On Wed, 25 Aug 2004 15:01:50 -0500
Micah Anderson <[EMAIL PROTECTED]> wrote:

> Stefan Hornburg schrieb am Thursday, den 19. August 2004:
> 
> > On Wed, 18 Aug 2004 20:54:43 -0500
> > Micah Anderson <[EMAIL PROTECTED]> wrote:
> > 
> > > Package: courier-base
> > > Version: 0.45.6.20040712-1
> > > Severity: wishlist
> > > 
> > > Courierlogger logs to the mail facility, which is particularlly messy
> > > if you happen to also have a MTA installed (very common) which also
> > > logs to the mail facility (very common). It is preferred to have
> > > courier logs in a separate log file (/var/log/courier.log for
> > > example), so that you can see what is going on.
> > > 
> > > liblog/logger.c does have many available, for example:
> > > 
> > > #ifdef LOG_LOCAL3
> > > { "local3", LOG_LOCAL3 },
> > > #endif
> > 
> > You can pass the desired facility to courierlogger:
> > 
> > "Usage: courierlogger [-name=name] [-pid=pidfile] [-facility=type]\n"
> > "   [-start|-stop|-restart] [cmd [args...]]\n"
> > 
> > Therefore I suggest to make this configurable from /etc/default and
> > change the init scripts accordingly.
> > 
> 
> Indeed, I tried to do this... its not that simple, as you are aware,
> the initscript to start the individual courier daemons, does some
> funky environment pre-sets before launching:
> 
> /usr/bin/env - /bin/sh -c " set -a; \
> bindir=${bindir}; \
> . ${sysconfdir}/imapd; \
> if [ "$SSLCONFIG" ]; then . ${sysconfdir}/imapd-ssl;
> fi; \
> IMAP_STARTTLS=$IMAPDSTARTTLS ; export IMAP_STARTTLS ; \
> TLS_PROTOCOL=$TLS_STARTTLS_PROTOCOL ; \
> $TCPD -address=$ADDRESS \
> -stderrlogger=${sbindir}/courierlogger \
> -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP \
> -pid=$PIDFILE $TCPDOPTS \
> $PORT ${libexecdir}/courier/imaplogin $AUTHMODULELIST 
> \
> ${bindir}/imapd $MAILDIR"
>   
> 
> Simply adding ..."-stderrlogger=${sbindir}/courierlogger -facility=local3"
> 
> does not work, nor does any shell/environmental trick that I could
> muster. From playing around on the commandline, it almost appeared as
> if -name was a required parameter, or that courierlogger would have to
> be the mechanism to launch the individual courier daemon itself for
> that to work (something like courierlogger -name=imapd
> -facility=local3 -pid=$PIDFILE -respawn -start ${bindir}/imapd
> $MAILDIR) which doesn't seem particularly exciting, since this would
> require a total re-working of the courier startup scripts themselves,
> and may have some unintented side-consequences. 
> 
> I think it would be great if the courier startup scripts had something
> like (warning, pseudocode below):
> 
> /etc/default/courier
> FACILITY=local3
> 
> /etc/init.d/courier-imad
> source /etc/default/courier
> 
> . . . "courierlogger -facility ${facility}" . . .
> 

Recent Courier packages in experimental have LOGGEROPTS in 
/etc/courier/authdaemonrc:

##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#

LOGGEROPTS=""

I suppose that would solve your problem.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#211920: courier-imap-ssl: allow login after pam_tally counter exceeded defined threshold

[Stefan Hornburg]

Matt Zimmerman wrote:

On Sun, Sep 21, 2003 at 04:31:31PM +0800, Patrick Cheong Shu Yang wrote:



pam_tally allow logins even after the pre-defined threshold is exceeded;
and pam_tally counter continues to increase upon successful login
following a failed login



How is this a bug in courier-imap-ssl?



It is, courier-authdaemon didn't call pam_acct_mgmt. Does this warrant
a security update ?

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#339006: courier: Uses obsolete PostgreSQL build dependency

[Stefan Hornburg]

Martin Pitt wrote:

Package: courier
Version: 0.47-12
Tag: patch

Hi Stefan!

courier uses an obsolete way of building the PostgreSQL backend.
Please see [1] for the details and [2] for the patch. 


That sounds sensible, but how can I still be able to build the changed packages 
on
sarge ?

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#339006: courier: Uses obsolete PostgreSQL build dependency

[Stefan Hornburg]

Martin Pitt wrote:

Hi Stefan!

Stefan Hornburg [2005-11-14 22:14 +0100]:


Martin Pitt wrote:


Package: courier
Version: 0.47-12
Tag: patch

Hi Stefan!

courier uses an obsolete way of building the PostgreSQL backend.
Please see [1] for the details and [2] for the patch. 


That sounds sensible, but how can I still be able to build the changed 
packages on

sarge ?



Sarge? Sid packages are not required to build on sarge, but I guess a
build dependency

  libpq-dev | postgresql-dev

should do the trick. pg_config was available in sarge's postgresql-dev
already.


Yes, it isn't required. But allowing these packages to build on sarge is
a nice feature and appreciated by the Debian Courier community. Your
suggestion appears to work, thanks !

Bye
Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#340077: Table Editor: Problem with new items and ui_profile

[Stefan Hornburg]

package: interchange

Hello,

if you enable ui_profile for the item editor and the check fails,
the table editor leaves "new item" mode. 

If the key of the products table has widget type "hidden", it is
impossible to create a record from the following page.

So the ui_new_item setting should be passed on by the table
editor.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310131: /etc/init.d/courier-imap-ssl restart wont reread config files

[Stefan Hornburg]

kiu wrote:


Package: courier-imap-ssl
Version: 3.0.8-4
Severity: normal

Change config option SSLADDRESS in /etc/courier/imapd-ssl and run
"/etc/init.d/courier-imap-ssl restart". The configuration option is ignored.
Running a "stop" "start" combination works fine.


Yes, this is definitely a flaw in the init script(s).

Thanks for reporting this issue.

Bye
Racke




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310847: courier: version 0.50 is available

[Stefan Hornburg]

On Thu, 26 May 2005 14:52:45 +0300
Wladimir Mutel <[EMAIL PROTECTED]> wrote:

> Package: courier
> Severity: wishlist
> 
> 
> Courier versions 0.48,0.49 and 0.50 were already released.
> With various fixes/improvements as can be read below.
> 
> http://sourceforge.net/mailarchive/message.php?msg_id=9566483
> http://sourceforge.net/mailarchive/message.php?msg_id=11062332
> http://sourceforge.net/mailarchive/message.php?msg_id=11739431
> 
> Would be great to see new version packed into .debs
> I would test your experimental build to give you a feed back :>

I plan to upload Courier 0.50 to experimental next week.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#311175: courier-authlib: [FTBFS] missing dependency

[Stefan Hornburg]

On Sun, 29 May 2005 23:42:52 +0900 (JST)
Kenshi Muto <[EMAIL PROTECTED]> wrote:

> Package: courier-authlib
> Severity: serious
> Version: 0.56-0.1
> Tags: experimental
> 
> Experimental arm buildd failed to build your package (forget
> openssl?).

This appears to be a relict of the Courier package build. 

Thanks for the report.

Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#303459: courier-maildrop: link with authlib

[Stefan Hornburg]

On Wed, 06 Apr 2005 22:17:05 +0200
Mirko Grava <[EMAIL PROTECTED]> wrote:

> Package: courier-maildrop
> Version: 0.47-4
> Severity: wishlist
> 
> I dont understand why /etc/courier/authmodulelist has been deprecated.
> For me is a good idea have maildrop linked with authlib and I need this
> for our project. http://phamm.rhx.it/

We already discussing this with several developers. But it is unlikely
to happen before sarge (unless it takes a couple of months).

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#301294: inetd mode

[Stefan Hornburg]

Hello,

I suppose that you are using inet mode rather than this is a bug.
Please check your /etc/default/pure-ftpd-common setting.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#301721: pure-ftpd: Little addition to README.Debian on virtual chroots

[Stefan Hornburg]

On Sun, 27 Mar 2005 23:50:12 +0200
Roderik Muit <[EMAIL PROTECTED]> wrote:

> Package: pure-ftpd
> Version: 1.0.19-4
> Severity: wishlist
> 
> 
> Please consider adding a line to README.Debian to the Virtual Chroots section,
> along the lines of:
> "(NB: this only applies to the special 'virtual chroots' feature in pure-ftpd,
> enabling the user to follow symlinks outside a chroot jail. 'Regular' chroot
> functionality _is_ supported for virtual users.)"
> 
> At least for me (a user who doesn't know the ins and outs of the various FTP
> servers and who is just searching for the best one to suit his needs), this
> wasn't clear. Being lazy / not used to messing with source packages,
> I considered looking for another package after I read this. Which, I'm happy
> to see now, isn't necessary. :)

Because of support for virtual chroots in the next release of Debian packages
this section will vanish. Maybe you can give me your opinion on the text for
the Debconf template:

Template: pure-ftpd/virtualchroot
Type: boolean
Default: false
_Description: Enable virtual chroots ?
 Chrooted users are usually restricted to their home directory.
 With virtual chroots symbolic links are always followed, even if they are
 pointing to directories not located in the user's home directory. 
 This is useful for having shared directories like a symbolic link
 to /var/incoming in every home directory.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#307575: cross-site scripting attack via redirect parameter (CAN-2005-1308)

[Stefan Hornburg]

On Tue, 3 May 2005 20:26:39 -0400
Joey Hess <[EMAIL PROTECTED]> wrote:

> Package: sqwebmail
> Version: 0.47-4
> Severity: important
> Tags: security
> 
> sqwebmail is vulnerable to a cross-site scripting attack:
> 
>   Input passed to the "redirect" parameter is not properly sanitised. This can
>   be exploited to inject malicious characters into HTTP headers and may allow
>   execution of arbitrary HTML and script code in a user's browser session in
>   context of an affected site.
> 
> Details here: http://secunia.com/advisories/15119

The upstream author commented that advisory as follows:

I certainly never heard of it, and the description (or the lack of it) 
leaves me somewhat skeptical.  The redirect URL is generated by: 
output_attrencoded(cgi("redirect")), which encodes all metacharacters.

Move along, nothing here to see.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#304825: courier-imap: does not chdir / when daemonizing

[Stefan Hornburg]

On Fri, 15 Apr 2005 19:23:18 +0200
Peter Palfrader <[EMAIL PROTECTED]> wrote:

> Package: courier-imap
> Version: 3.0.8-4
> Severity: normal
> 
> When courier-imap daemonizes itself, it does not chdir to the /
> directory.  This means that whatever directory/filesystem the server was
> started from by the administrator stays busy for no good reason:
> 
> | lore:~# umount /disk5
> | umount: /disk5: device is busy
> | umount: /disk5: device is busy
> | lore:~# fuser -m /disk5
> | /disk5:  30086c 30099c 30142c
> | lore:~# ps xauf | grep 30142 
> | root 30142  0.0  0.2  3072 1452 ?S19:10   0:00  \_ 
> /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/imaplogin 
> /usr/lib/courier/authlib/authdaemon /usr/bin/imapd Maildir
> | lore:~# ps xauf | grep 30099 
> | root 30099  0.0  0.1  1764  540 ?S19:08   0:00 
> /usr/sbin/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger 
> -stderrloggername=imapd-ssl -maxprocs=40 -maxperip=20 
> -pid=/var/run/courier/imapd-ssl.pid -nodnslookup -noidentlookup 993 
> /usr/bin/couriertls -server -tcpd /usr/lib/courier/courier/imaplogin 
> /usr/lib/courier/authlib/authdaemon /usr/bin/imapd Maildir
> | lore:~# ps xauf | grep 30086 
> | root 30086  0.0  0.1  1764  536 ?S19:08   0:00 
> /usr/sbin/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger 
> -maxprocs=40 -maxperip=20 -pid=/var/run/courier/imapd.pid -nodnslookup 
> -noidentlookup 143 /usr/lib/courier/courier/imaplogin 
> /usr/lib/courier/authlib/authdaemon /usr/bin/imapd Maildir
> | lore:~# /etc/init.d/courier-imap stop
> | Stopping Courier IMAP server: imapd.
> | lore:~# cd /
> | lore:/# /etc/init.d/courier-imap-ssl stop
> | Stopping Courier IMAP-SSL server: imapd-ssl.
> | lore:/# /etc/init.d/courier-imap start
> | Starting Courier IMAP server: imapd.
> | lore:/# /etc/init.d/courier-imap-ssl start
> | Starting Courier IMAP-SSL server: imapd-ssl.
> | lore:/# umount /disk5
> | lore:/# 
> 
> Courier should chdir / somewhere in its daemonizing process.  See
> http://www.erlenstar.demon.co.uk/unix/faq_2.html#SEC16, point 4.

That sounds reasonable. At least the init scripts should chdir to
/.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#303459: courier-maildrop: link with authlib

[Stefan Hornburg]

On Wed, 06 Apr 2005 22:17:05 +0200
Mirko Grava <[EMAIL PROTECTED]> wrote:

> Package: courier-maildrop
> Version: 0.47-4
> Severity: wishlist
> 
> I dont understand why /etc/courier/authmodulelist has been deprecated.
> For me is a good idea have maildrop linked with authlib and I need this
> for our project. http://phamm.rhx.it/

Hello, Mirko !

Can you please elaborate what you need for project ?
What authlib do you referring to ?

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#312682: amavis-ng should better evaluate return codes of virus scanner (esp. h+bedv antivir)

[Stefan Hornburg]

On Thu, 9 Jun 2005 16:25:25 +0200
Robert Sander <[EMAIL PROTECTED]> wrote:

> Package: amavis-ng
> Version: 0.1.6.9-1
> Severity: normal
> 
> Hi!
> 
> We have amavis-ng, H+BEDV's antivir and qmail running.
> 
> When an email goes through the chain and in the same second the antivir
> updater retireves a new antivir.vdf virus description antivir exits with
> code 212: "The file antivir.vdf could not be read".

Isn't that kind of stupid ?

> 
> amavis-ng should better react to that error code and exit with code 111
> (in case of qmail) denoting a temporary failure (deferral). Maybe other
> MTAs have similar means for program deliveries.
> 
> Maybe there are other circumstances which should be treated as temporary
> failures and not cause amavis-ng to put these emails into the problems
> directory.
> 

That sounds like a good idea, e.g. if the virus scanner runs as daemon
and has been crashed or is in the progress to be updated, 
we would be able to issue a temporary failure.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#300440: post-installation returns error code 21 if /usr/share/doc/menu/html does not exist

[Stefan Hornburg]

On Thu, 24 Mar 2005 23:43:04 -0300
Gustavo Franco <[EMAIL PROTECTED]> wrote:

> tags 300440 +patch
> thanks
> 
> Hi Stefan,
> 
> I've tracked this bug and with the vorlon and fatalerror help
> i reproduced it this way:
> 
> - Install dhelp package;
> - Install doc-linux-it package;
> - Remove or move /usr/share/doc;
> - dpkg-reconfigure doc-linux-it. =)
> 
> There's patch below that i think can help you fixing this 
> problem. If you can't upload a new package soon, since it's a RC 
> bug let me known and i'll do a NMU with this patch.

Thanks, I'll check this out this weekend.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#294656: Fix this bug?

[Stefan Hornburg]

On Tue, 29 Mar 2005 22:52:26 +0200
Frederik Kunz <[EMAIL PROTECTED]> wrote:

> This bug can be fixed by simply adding a dependency to fam. Anyone 
> willing to add this?
> 

This is no solution, because many users expressed the desire to not run
fam. The dependency isn't required for running courier-imap.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#314354: courier: source/dev package with auth libraries

[Stefan Hornburg]

On Wed, 15 Jun 2005 17:32:14 -0400
Charles Fry <[EMAIL PROTECTED]> wrote:

> Package: courier
> Severity: wishlist
> 
> Hi,
> 
> I would like to package courierpassd (see bug #244693), but it depends
> on libauth.a and libauthmod.a from courier. Would you be able to provide
> a courier-dev pakcage that made these libraries available in binary form?
> 
> Thank you for all the work you put into courier, and for your assistance
> in this matter.

Hm, where can I find libauth.a and libauthmod.a ? I cannot locate them in
the courier-authlib sources.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#314354: courier: source/dev package with auth libraries

[Stefan Hornburg]

On Mon, 20 Jun 2005 16:25:15 -0400
Charles Fry <[EMAIL PROTECTED]> wrote:

> > > I would like to package courierpassd (see bug #244693), but it depends
> > > on libauth.a and libauthmod.a from courier. Would you be able to provide
> > > a courier-dev pakcage that made these libraries available in binary form?
> > > 
> > > Thank you for all the work you put into courier, and for your assistance
> > > in this matter.
> > 
> > Hm, where can I find libauth.a and libauthmod.a ? I cannot locate them in
> > the courier-authlib sources.
> 
> That is exactly the problem. :-)
> 
> These files are not in the sources, but rather are built when you
> compile the package. Unfortunately, in order to use these files in an
> external package they need to be included in some .deb. That's why a
> courier-dev package containing these files would be helpful.
> 
> Let me know if I have still not managed to explain this clearly, or if I
> could help in creating such a package.

I would be nice if you can point me to the Makefile with the instructions
to build these files.

Thanks
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#315381: fsck.jfs segfaults in some situations when replaying journal

[Stefan Hornburg]

On Wed, 22 Jun 2005 11:07:45 +0200
Nico Schottelius <[EMAIL PROTECTED]> wrote:

> Package: jfsutils
> Version: 1.1.7-1
> Severity: critical
> 
> 
> Using fsck.jfs on my loopback file caused it multiply to segfault.
> I could 'fix' it by using --omit_journal_replay.
> 
> I don't know in which state the filesystem has to be to segfault fsck,
> but someone should check the log replay source.

I just uploaded jfsutils 1.1.8-1. This upstream release is supposed
to fix problems with journal replays. Can you please test if your
problem still persists ?

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#250725: Sympa's $HOME changed again.

[Stefan Hornburg]

On Sat, 25 Jun 2005 22:34:50 +1000
matt hope <[EMAIL PROTECTED]> wrote:

> ["Dr. Andreas Kr?ger" <[EMAIL PROTECTED]> - 14:58PM Tuesday Oct  5]:
> 
> > In case it matters: When reporting the bug, I had manually re-adjusted 
> > Sympa's $HOME to /home/sympa. Upgrading from version 3.4.4.3-6 to version 
> > 4.1.2-1 today again moved it back to /var/lib/sympa, again removing the 
> > mailing list functionality for me.
> > 
> > 
> ># diff -u0 /backup/etc/passwd /etc/passwd
> >--- /backup/etc/passwd  2004-09-27 11:51:35.0 +0200
> >+++ /etc/passwd 2004-10-05 13:10:09.0 +0200
> >@@ -37 +37 @@
> >-sympa:x:104:1012:Sympa mailing list manager:/home/sympa:/bin/bash
> >+sympa:x:104:1012:Sympa mailing list manager:/var/lib/sympa:/bin/false
> 
> From sympa-4.1.5/debian/postinst ...
> 
> > # creating sympa user if he isn't already there
> > if ! grep -q ^sympa: /etc/passwd; then
> > echo Adding system user: sympa.
> > adduser --system --ingroup sympa --home /var/spool/sympa sympa
> > fi
> > 
> > usermod -c "Sympa mailing list manager" sympa
> > usermod -d "/var/lib/sympa"sympa
> > usermod -g "sympa" sympa
> > usermod -s "/bin/false"sympa
> 
> This sill change the comment/homedir/shell of the 'sympa' user every
> time the package is upgraded. I believe it may be best to at least put
> the group (-g), comment (-c) and shell (-s) usermod lines inside the
> "grep /etc/passwd" check. This way, local admin changes will be
> preseved.

You are right. This is old, ugly code and now replaced by a much shorter
and better implementation.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#237621: Sympa: Use /etc/apache/conf.d instead of patching httpd.conf

[Stefan Hornburg]

On Sat, 25 Jun 2005 21:20:17 +1000
Matt Hope <[EMAIL PROTECTED]> wrote:

> 
> As of (at least) 4.1.5-2, Sympa installs /etc/apache/conf.d/sympa
> 
> Thus, I believe this bug can be closed.

Yes, but I suppose we should add a similar file for apache2.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#315636: sqwebmail: Doesn't parse out extra data in the comments field of /etc/passwd

[Stefan Hornburg]

On Sat, 25 Jun 2005 13:14:14 +0200
Willi Mann <[EMAIL PROTECTED]> wrote:

> 
> > OK, the problem really was wrong parsing of the GECOS field. The patch 
> > is attached. Do you know how to recompile courier?
> 
> Note to racke and me: I'm not sure whether this problem applies to 0.50 and 
> above. I failed to find a similar piece of code. If it's entirely removed, 
> the bug is even bigger there.

The code in courier-authlib looks completely different to me. I suggest to
bring up this problem on courier-users.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#316155: Exim4 queue runner loops infinitely on MX without IP address

[Stefan Hornburg]

package: exim4-daemon-heavy
version: 4.50-5
severity: important
tags: sarge

Note

This might be critical bug (DoS), please escalate if necessary.
At least this should be resolved for next Sarge point release.

Justification

On of my servers Exim4 claimed the CPU on queue running. This problem
has been described and confirmed on Exim users list:

http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050404/msg00071.html

Removing the patch for #296492 apparently resolved the problem.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#316490: courier-mta: Courier filters

[Stefan Hornburg]

On Fri, 01 Jul 2005 12:19:39 +0200
Thomas Prokosch <[EMAIL PROTECTED]> wrote:

> Package: courier-mta
> Severity: wishlist
> 
> Hello,
> 
> After searching for a greylisting solution for Courier I found
> http://phantom.dragonsdawn.net/~gordon/courier-patches/courier-pythonfilter/
> on the net. I would like to see this in Debian. Before I go and file an RFP
> I would like to know whether a package of its own is justified (the scripts
> are rather small and make only sense for Courier) or it makes more sense to
> include these scripts as a patch to the courier-mta package itself.

I would prefer a separate package. There is a  courier-filter-perl package
as well right now.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335012: Menu editor bug

[Stefan Hornburg]

package: interchange-ui
severity: minor

There appears to be a bug in the menu editor which results in the 
following error message in the catalog log file:


Unknown filter 'unescape'

I grepped the sources (version 5.2.1 and CVS), but there is no trace of 
this filter.


Please advise

Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335512: courier-imap-ssl: 2004-10-24 Testing update causes imap ssl to cease working

[Stefan Hornburg]

Russel Winder wrote:

Package: courier-imap-ssl
Version: 3.0.8-11
Severity: grave
Justification: renders package unusable


I run Debian GNU/Linux Testing.  My courier IMAP SSL system was
working fine.  I upgraded this morning 2005-10-24 and now for every
attempted connection, I get:

Oct 24 12:26:44 dimen imapd-ssl: couriertls: /etc/courier/imapd.pem:
error:25066067:DSO support routines:DLFCN_LOAD:could not load the
shared library

I am hoping that this is just a dependency problem relating to the
upgrade of libssl but...

In any event it completely stops the installation working.


This in fact a problem with courier-ssl, already reported. Presumably
it is caused by libssl0.9.7 / libssl0.9.8 transition.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335512: Me too

[Stefan Hornburg]

Olaf van der Spek wrote:

Hi,

The same happens on my system. :(


Yes, I reproduced this behaviour with a sarge backport of openssl+courier.
Can you please check if installing zlib1g-dev on your system fixes this
problem ?

A strace done by an user reveals that couriertls is searching for libz.so,
which is only in this package.

Bye
Racke




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335512: Me too

[Stefan Hornburg]

Olaf van der Spek wrote:

Stefan Hornburg wrote:


Olaf van der Spek wrote:


Hi,

The same happens on my system. :(




Yes, I reproduced this behaviour with a sarge backport of 
openssl+courier.

Can you please check if installing zlib1g-dev on your system fixes this
problem ?



# ln -s libz.so.1 libz.so

That's a bit easier and appears to fix it.




Sure, but this can't be done by the courier-ssl package.

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335603: DSO error persists!

[Stefan Hornburg]

On Tue, 25 Oct 2005 00:06:40 +0200
Ernest Turro <[EMAIL PROTECTED]> wrote:

> Package: courier-ssl
> Version: 0.47-11
> 
> Bug #333788 still persists and has made it into testing. The horror!  
> Shouldn't this be under "grave"? Impossible to access retrieve email.

That is very unfortunate, #335512 contains more information on why it
happened. 

> The error server-side when trying to access the imap server:
> 
> imapd-ssl: couriertls: /etc/courier/imapd.pem: error:25066067:DSO  
> support routines:DLFCN_LOAD:could not load the shared library
> 
> Downgrading to 0.47-9 fixed the problem.

Or creating a symlink for /usr/lib/libz.so.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#335512: Me too

[Stefan Hornburg]

On Mon, 24 Oct 2005 23:09:09 +0200
Olaf van der Spek <[EMAIL PROTECTED]> wrote:

> Stefan Hornburg wrote:
> > Olaf van der Spek wrote:
> > 
> >> Stefan Hornburg wrote:
> >>
> >>> Olaf van der Spek wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> The same happens on my system. :(
> >>>
> >>>
> >>>
> >>>
> >>> Yes, I reproduced this behaviour with a sarge backport of 
> >>> openssl+courier.
> >>> Can you please check if installing zlib1g-dev on your system fixes this
> >>> problem ?
> >>
> >>
> >>
> >> # ln -s libz.so.1 libz.so
> >>
> >> That's a bit easier and appears to fix it.
> >>
> >>
> > 
> > Sure, but this can't be done by the courier-ssl package.
> 
> It's just a work around anyway.
> Whatever is looking for libz.so should probably be looking for libz.so.1 
> or libz should provide the symlink.

It turned out that it is probably an error in current openssl packages.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#211920: Solution found for bug #211920

[Stefan Hornburg]

On Thu, 27 Oct 2005 23:11:52 +0200
David Härdeman <[EMAIL PROTECTED]> wrote:

> I've found the problem...
> 
> authlib/authpam.c doesn't call pam_acct_mgmt meaning that no check is 
> performed if the user should actually be permitted access. This also 
> means that the problem lies with courier-authdaemon rather than 
> courier-imap(-ssl).
> 
> For an explanation of pam_acct_mgmt, see:
> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-3.html
> "This function is typically called after the user has been 
> authenticated. It establishes whether the user's account is healthy. 
> That is to say, whether the user's account is still active and whether 
> the user is permitted to gain access to the system at this time."
> 
> also the example app at:
> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-8.html
> 
> I've included a patch which fixes the problem by restoring the 
> pam_acct_mgmt call. I've built courier-authdaemon with this patch 
> applied and verified that it does indeed fix the problem and it seems to 
> have no side effects.

Thanks for your investigation and your patch. I'll contact upstream to get
a comment from him about this patch and simultaneously build a new version
of Courier with this patch included.

> 
> I hope that a fixed version can be included in sarge as soon as possible 
> since this could potentially be a security issue (e.g. if the account 
> has been disabled, access would still be granted).
> 

Please contact the security team about this matter.

With regards

Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Bug#211920: Solution found for bug #211920

[Stefan Hornburg]

On Thu, 27 Oct 2005 23:36:49 +0200
David Härdeman <[EMAIL PROTECTED]> wrote:

> On Thu, Oct 27, 2005 at 11:27:04PM +0200, Stefan Hornburg wrote:
> >On Thu, 27 Oct 2005 23:11:52 +0200 David Härdeman <[EMAIL PROTECTED]> wrote:
> >> I hope that a fixed version can be included in sarge as soon as possible 
> >> since this could potentially be a security issue (e.g. if the account 
> >> has been disabled, access would still be granted).
> >
> >Please contact the security team about this matter.
> 
> Yep, I cc:ed them in the mail so I'll wait and see what they decide.

FYI: I found a message from upstream author Sam Varshavchik about the reason
why he disabled this call in the courier-imap mailing list:

--snip--
Aman Gupta writes:
> I am trying to figure out why the pam_acct_mgmt() function call was
> commented out 4 years ago in this cvs update:
> http://cvs.sourceforge.net/viewcvs.py/courier/libs/authlib/authpam.c?...

It appears that the reason is memory leaks in PAM.

> If possible, please uncomment this code so that pam account modules can
> be used to control access based on time, date, group membership, etc.

Can't you uncomment it yourself, and see what happens? 
--snap--

So I suppose it is safe to enable this call.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Bug#330655: sarge /usr/share/sympa/db/install-mysql-db script wrong use of host for account

[Stefan Hornburg]

On Fri, 28 Oct 2005 16:38:30 +1000
Geoff Crompton <[EMAIL PROTECTED]> wrote:

> I noticed the change log for 4.1.5-5 indicates that this has been fixed.
> However the Bug Tracking System doesn't indicate that it has been fixed.
> Can you sort that out? (I'm not a DD, but I suspect that the format for
> the changelog didn't trigger a bug close in the BTS).

Sorry, I messed this up - there was never a 4.1.5-5 release. I'll close
the bug manually.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#336156: sympa install scripts incorrectly call install-mysql-db.pl

[Stefan Hornburg]

On Fri, 28 Oct 2005 17:26:28 +1000
Geoff Crompton <[EMAIL PROTECTED]> wrote:

> Package: sympa
> Version: 4.1.5-2
> Severity: important
> 
> In the postinst /usr/share/sympa/db/prepare_db is called. In prepare_db 
> you set OPTS to "-w $RET $OPTS" to use the debconf sympa/db_user. You
> then call /usr/share/sympa/db/install-mysql-db to setup the database.
> it doesn't use -w.
> 
> However install-mysql-db doesn't understand -w.

You are correct. I applied your patch. 

Thanks
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#336136: courier-imap-ssl: update fails: /usr/lib/courier/imapd.pem: Too many levels of symbolic links

[Stefan Hornburg]

On Fri, 28 Oct 2005 07:31:54 +0200
Frank Hartmann <[EMAIL PROTECTED]> wrote:

> Package: courier-imap-ssl
> Version: 3.0.8-11
> Severity: normal
> 
> 
> Hello,
> 
> I have problems using courier-imapd-ssl. It tries to create a private
> key at every update of the package. I do not understand why. 
> 
> Additionally it fails to do above:
> 
> writing new private key to '/usr/lib/courier/imapd.pem'
> /usr/lib/courier/imapd.pem: Too many levels of symbolic links
> 21264:error:02001028:system library:fopen:Too many levels of symbolic
> lin:bss_fi le.c:349:fopen('/usr/lib/courier/imapd.pem','w')
> 21264:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:
> dpkg: error processing courier-imap-ssl (--configure):
>  subprocess post-installation script returned error exit status 1
> 
> 
> I am wondering why /usr/lib/courier/imapd.pem
> 
> I had now:
> 
> fantasio:~# locate imapd.pem
> /etc/courier/imapd.pem
> /etc/ssl/certs/imapd.pem
> /etc/ssl/certs/imapd.pem_expired
> /usr/lib/courier/imapd.pem
> 
> and /usr/lib/courier/imapd.pem is gone now:
> 
> fantasio:~# ls /usr/lib/courier/imapd.pem
> ls: /usr/lib/courier/imapd.pem: No such file or directory
> 
> 
> 
> 
> I doubt that this is ok? It seems that I have have messed up something
> during the first install. Could you please advise?

Usually /usr/lib/courier/imapd.pem is a symbolic link to /etc/courier/imapd.pem.
Something has changed locally on your system.

Bye
Racke



-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#334920: ** PROBLEM alert - lonemountain/IMAPS is CRITICAL ** (fwd)

[Stefan Hornburg]

On Sat, 29 Oct 2005 06:55:33 +0200 (CEST)
Ondrej Jombik <[EMAIL PROTECTED]> wrote:

> Hello
> 
> Please provide some downgrade package links, this cannot leave in this state.
> 
> IMAPS is not working.

Just create a symbolic link libz.so in /usr/lib pointing to libz.so.1

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#330488: dhelp: Version built with gcc-4.0 segfaults on installation

[Stefan Hornburg]

Daniel Schepler wrote:


Package: dhelp
Severity: serious
Version: 0.5.21

As the subject says, if I rebuild dhelp using an up-to-date sid
system, then try to install the resulting package (even in a clean
pbuilder chroot), I get a segmentation fault:

Unpacking dhelp (from .../d/dhelp/dhelp_0.5.21_i386.deb) ...
Setting up dhelp (0.5.21) ...
Building HTML tree .../var/lib/dpkg/info/dhelp.postinst: line 45: 15325 
Segmentation fault  /usr/sbin/dhelp_parse -r
dpkg: error processing dhelp (--configure):
subprocess post-installation script returned error exit status 139
Errors were encountered while processing:
dhelp
E: Sub-process /usr/bin/dpkg returned an error code (1)
 


The attached patch fixes the problem for me. Please confirm that.

Bye
  Racke

Index: dhelp_parse.c
===
RCS file: /home/cvs/dhelp/dhelp_parse.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- dhelp_parse.c   31 Mar 2005 18:27:24 -  1.25
+++ dhelp_parse.c   19 Aug 2005 15:32:46 -  1.26
@@ -2,7 +2,7 @@
*** dhelp*** 
***Debian online help system ***

-   ***  Copyright (c) 2001-02 by Stefan Hornburg (Racke) <[EMAIL PROTECTED]>
+   ***  Copyright (c) 2001-02,2005 by Stefan Hornburg (Racke) <[EMAIL 
PROTECTED]>
***  Copyright (c) 1997-99 by Marco Budde ([EMAIL PROTECTED])  ***
*** GNU GPL license  ***
 */
@@ -327,7 +327,7 @@
   clearerr (out);
  
   path_index_cwd (cwd);
-  db_title_read (tdb, cwd, zw2, sizeof (zw));
+  db_title_read (tdb, cwd, zw2, sizeof (zw2));
 
   /* 
   if (strlen(zw2) == 0)

Bug#330655: sarge /usr/share/sympa/db/install-mysql-db script wrong use of host for account

[Stefan Hornburg]

On Thu, 29 Sep 2005 11:53:02 +1000
[EMAIL PROTECTED] wrote:

> Package: sympa
> Version: 4.1.5-2
> Severity: important
> 
> The -h parameter of /usr/share/sympa/db/install-mysql-db is used to form
> the dsn to connect to the database.
> It is also used for the GRANT ALL.
> 
> So if you are using a mysql server on another host, you can't connect to
> the database as the sympa user.

Thanks for the patch !

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#331155: Component editor removes [no-match] section

[Stefan Hornburg]

package: interchange

The component editor removes any [no-match] section from the content of
the component before making it available in the edit area. After publishing
the component these sections are missing from the saved file.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#331362: sympa: Permissions too restrictive

[Stefan Hornburg]

On Mon, 03 Oct 2005 12:25:52 +0800
Terminus Network Services <[EMAIL PROTECTED]> wrote:

> Package: sympa
> Version: 4.1.5-2
> Severity: normal
> 
> 
> The postinst script does not give read rights to other on the conf
> files, /var/lib/sympa or /var/spool/sympa.  This stops the Web
> interface from working as it is running as the Web user www-data.

Quote from the Sympa documentation:

--snip--
Because Sympa and WWSympa share a lot of files, wwsympa.fcgi, must run with the 
same uid/gid as archived.pl, bounced.pl and sympa.pl. 
--snap--

The postinst script changes the owner of this CGI script and sets the suid bit 
if you
enable WWSympa via debconf.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#331628: Non-descriptive search error

[Stefan Hornburg]

package: interchange
severity: minor

I migrated an Interchange store to the current CVS. In a search specification 
there was
code leftover:

[item-param Gruppe]

The older version doesn't mind, but the current one failed with:

search error: Limit subroutine creation: Can't use an undefined value as an 
ARRAY reference at /usr/lib/interchange/Vend/Search.pm line 653.

which comes from:

$c->[$i] = $s->{mv_numeric}[$i]
? [ @{$numopmap{$o}} ]
: [ @{$stropmap{$o}} ];

IC should check the search operation strings earlier and give the user a 
descriptive error
message.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#331670: Better defaults for AddDirective

[Stefan Hornburg]

package: interchange
severity: wishlist

The AddDirective configuration directive allows to specify a default. 
However, this is only a string value. 

It would be nice if the string value is parsed, e.g.

AddDirective Swish hash "swish_cmd /usr/bin/swish-e"

resulting in:

 'Swish' => {
   'index' => 'products/swish-e.db',
   'swish_cmd' => '/usr/bin/swish-e'
 },

instead of:

 'Swish' => {
   'index' => 'products/swish-e.db',
   'swish_cmd /usr/bin/swish-e' => undef
 },

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#331037: courier-imap: Trash not purged

[Stefan Hornburg]

On Sat, 01 Oct 2005 00:56:03 -0400
Charles Fry <[EMAIL PROTECTED]> wrote:

> Package: courier-imap
> Version: 3.0.8-4sarge3
> Severity: minor
> 
> Even though /etc/courier/imapd contains the line:
> 
> IMAP_EMPTYTRASH="Trash:30,Spam:30"
> 
> Messages older than 30 days in my Spam directory are deleted, but
> messages in my Trash remain forever.

What happens if you try:

IMAP_EMPTYTRASH="Spam:30,Trash:30"

Thanks
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#314354: courier-dev status?

[Stefan Hornburg]

On Tue, 23 Aug 2005 12:21:39 -0400
Charles Fry <[EMAIL PROTECTED]> wrote:

> 
> Racke,
> 
> I apologize in advance for asking again about the courier-dev package I
> requested, but I was really hoping you might be able to get to it soon.
> I have a new courier utility package that I would like to upload
> (courierpassd), but I need these libraries in order to complete it.
> 
> Please let me know if there is anything more that I can do to help you
> out with this.

There is no need to apologize. My current problem is that courier 0.51
doesn't build anymore with FAM on Debian and I need to solve this first.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#325135: maildrop: lockmail doesn't drop privileges

[Stefan Hornburg]

On Sun, 28 Aug 2005 13:00:19 +0200
Martin Schulze <[EMAIL PROTECTED]> wrote:

> Andres Salomon wrote:
> > On Sat, 2005-08-27 at 11:42 +0100, Steve Kemp wrote:
> > > On Sat, Aug 27, 2005 at 12:27:51PM +0200, Martin Schulze wrote:
> > > 
> > > > Thanks a lot for the report.  This is CAN-2005-2655.
> > > > 
> > > > > The bug affects 1.5.3-1.1 sarge/etch/sid and 1.8.1-2 in experimental,
> > > > > and should be easy to fix: Just add setgid(getgid()) before the
> > > > > execvp(). I tested the attached patch briefly and verified that it
> > > > > builds and prevents this bug.
> > > > 
> > > > Steve, could you take care of sid and experimental packages if Joy
> > > > is too busy?
> > > 
> > >   Certainly.  Once the advisory is out I can make an upload if Joy
> > >  hasn't already made one.
> > > 
> > 
> > I can also do an upload; Joy already said I should comaintain, I've just
> 
> Please go ahead.
> 
> > been waiting for racke to do a new courier upload so that I can actually
> > use maildrop (I have new maildrop packages in experimental that're just
> > rotting away, waiting).
> > 
> > Speaking of racke, has anyone checked whether courier-maildrop needs the
> > same patch?
> 
> Not before your mail.  However, it seems that the code is in the source
> package, but there is no lockmail binary exposed by courier, hence, no
> need to patch it as well.

There is a lockmail in courier-mta, but it is not setuid in the sarge version.

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#325631: XSS vulnerability

[Stefan Hornburg]

On Mon, 29 Aug 2005 23:35:14 +0200
Florian Weimer <[EMAIL PROTECTED]> wrote:

> Package: sqwebmail
> Version: 0.47-4
> Tags: security sarge
> 
> Secunia has reported a cross-site scripting vulnerability:
> 
> 
> 
> According to them, the bug is also present in the 4.x/0.4x versions.
> 
> The vendor has confirmed this for the 5.x versions:
> 
> 
> 

Tested patch for the version in sarge is attached.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



CAN-2005-2724.patch
Description: Binary data

Bug#333896: Courier IMAP SSL broken after update

[Stefan Hornburg]

Yonatan Feldman wrote:


Package: courier-ssl

After performing a standard update using apt-get and dselect I can no
longer connect to my SSL Courier IMAP server.

I get the following error from mutt:

   gnutls_handshake: A TLS packet with unexpected length was received.

I ran the "gnutls-cli-debug -v -p 993 mail.milliped.com" and got the
following output:

   Resolving 'mail.milliped.com'...
   Connecting to '66.59.109.158:993'...
   Checking for TLS 1.1 support... no
   Checking fallback from TLS 1.1 to... failed
   Checking for TLS 1.0 support... no
   Checking for SSL 3.0 support... no

   Server does not support none of SSL 3.0, TLS 1.0 and TLS 1.1

How can I restore SSL/TLS support?

I have attached a log of the update output from the terminal
 


That looks similar to bug #333788.

Bye
  Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#334045: courier-imap-ssl: Wrong behaviour with newly updated messages

[Stefan Hornburg]

Stephane Magnenat wrote:


Package: courier-imap-ssl
Severity: normal


The debian sarge version of courier-imap-ssl (I suppose normal imap too,
btu I'm using ssl) exhibits strange behaviours for newly created
messages (not newly received). Indeed, it looks like that immediately
after uploading a message to the mail server, the mail server does not
report this message as existing. This creates buggy behaviours in some
groupware clients such as kontact (see kde bug report #113550,
https://bugs.kde.org/show_bug.cgi?id=113550).
 


What are "newly created" messages ? How do you upload
messages ? Which clients are exposing this bug ?
Your courier-imap configuration files ?

The bug database seems to be unreachable in the moment,
so please answer these questions.

Bye
Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#334045: courier-imap-ssl: Wrong behaviour with newly updated messages

[Stefan Hornburg]

Stephane Magnenat wrote:


On Saturday 15 October 2005 13.11, you wrote:
 


Stephane Magnenat wrote:
   


Package: courier-imap-ssl
Severity: normal


The debian sarge version of courier-imap-ssl (I suppose normal imap too,
btu I'm using ssl) exhibits strange behaviours for newly created
messages (not newly received). Indeed, it looks like that immediately
after uploading a message to the mail server, the mail server does not
report this message as existing. This creates buggy behaviours in some
groupware clients such as kontact (see kde bug report #113550,
https://bugs.kde.org/show_bug.cgi?id=113550).
 


What are "newly created" messages ? How do you upload
messages ? Which clients are exposing this bug ?
Your courier-imap configuration files ?
   



I'm using kontact from kde, which uses imap server to store contact, calendar 
and notes entries as emails. By newly created message, I mean a newly created 
contact, calendar entry or notes, i.e. a email that the imap client upload to 
the imap server, not a mail received through the server mail system.


I've attached my imap related courier files. They are bare debian ones, I 
haven't touched them.


 


Sam Varshavchik (upstream author of courier-imap) wrote to me:

--snip--
Without looking at a protocol log, the description sounds like the 
client expects the server to report a new message in the folder 
immediately at the conclusion of an APPEND or a COPY command.


This is wrong.  There's nothing in IMAP that guarantees that the server 
will report any new contents of the folder at the conclusion of an 
APPEND or a COPY.


That's what the NOOP command is for.
--snap--

Can you please set IMAPDEBUGFILE in imapd configuration file and send the
resulting protocol log to me ?

Bye
   Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#334464: Courier pop3 startup script uses wrong config file

[Stefan Hornburg]

Jan Michael Greiner wrote:


Package: courier-pop
Version: 0.47-4sarge3


/etc/init.d/courier-pop contains the line

. "${sysconfdir}/pop3d-ssl"

but should contain

. "${sysconfdir}/pop3d"

(without the "ssl") instead.
 

No, this line is correct. It reads both configuration files. The 
pop3d-ssl configuration

file is needed to determine where STLS should be offered or not.

Bye
  Racke




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310847: courier: version 0.50 is available

[Stefan Hornburg]

Olaf van der Spek wrote:

Hi Racke,



I plan to upload Courier 0.50 to experimental next week. (Fri, 27 May 2005 
17:01:50 +0200)



When can this version be expected in unstable?




Never, but I'm now pretty close with Courier 0.52.1. I expect that I 
need a few weeks to test out upgrade issues.


Bye
  Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310847: courier: version 0.50 is available

[Stefan Hornburg]

Olaf van der Spek wrote:

On 10/18/05, Stefan Hornburg <[EMAIL PROTECTED]> wrote:


Never, but I'm now pretty close with Courier 0.52.1. I expect that I
need a few weeks to test out upgrade issues.



Great. Will that include the mkpopdcert I send you?




It will include probably a mkcouriercert :-).

Bye
  Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310847: courier: version 0.50 is available

[Stefan Hornburg]

Olaf van der Spek wrote:

On 10/18/05, Stefan Hornburg <[EMAIL PROTECTED]> wrote:


Olaf van der Spek wrote:


On 10/18/05, Stefan Hornburg <[EMAIL PROTECTED]> wrote:



Never, but I'm now pretty close with Courier 0.52.1. I expect that I
need a few weeks to test out upgrade issues.



Great. Will that include the mkpopdcert I send you?




It will include probably a mkcouriercert :-).



Nice. Has it been written already? If so, could I see it.


To be honest, no. But there are enough bugs to warrant a decent script 
which can be steered by commandline parameters instead of the .cnf 
approach. If there is another Debian package which does this already,

I would gladly devour its code instead of starting from scratch.



Does it use the host name as the common name (by default) instead of localhost?
And does it not use the other fields (by default)?




Maybe /etc/mailname should be used if nothing else is specified.
What do you think ?

Bye
Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#310847: courier: version 0.50 is available

[Stefan Hornburg]

Peter Mann wrote:

On Tue, Oct 18, 2005 at 11:51:16AM +0200, Stefan Hornburg wrote:


Olaf van der Spek wrote:


Hi Racke,



I plan to upload Courier 0.50 to experimental next week. (Fri, 27 May 
2005 17:01:50 +0200)



When can this version be expected in unstable?




Never, but I'm now pretty close with Courier 0.52.1. I expect that I 
need a few weeks to test out upgrade issues.



0.50 from experimental recompiled for sarge working fine ... can you send
me URL with debianized sources for 0.52.1 ??? i can test it with all my
patches and changes (for example with trashquota)



deb-src http://debian.linuxia.de/ courier-test main

Disclaimer: This is work in progress and may hose your system.

A fresh upload to experimental is planned, but only if I'm pretty 
certain about the package structure to avoid unnecessary delays by

the introduction of new packages.

Bye
Racke



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#329705: ITL injection

[Stefan Hornburg]

package: interchange-cat-foundation
version: 5.2.0-2
tags: security

Important: Security flaw found in Interchange demo catalog.

A security flaw has been discovered in the Interchange demo catalog which
allows an arbitary user to inject Interchange Tag Language (ITL) into the
forum/submit.html page. This affects catalogs built on the 'foundation' dem
included with Interchange from version 4.9.3 (development) and 5.0 (stable).

The Interchange Development Group recommends that all vulnerable catalogs
are immediately patched with the updated version of the forum/submit.html
file. Alternatively, if the forum feature is not being used, the page can
safely be removed. Whether or not the forum feature is being used, this page
should be patched or removed.


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#329677: Pure-FTPD Options

[Stefan Hornburg]

On Thu, 22 Sep 2005 18:58:40 +0200
Torsten Flammiger <[EMAIL PROTECTED]> wrote:

> Package: pure-ftpd
> Version: 1.0.19-4
> 
> The pure-ftpd wrapper lacks at least the option
> to not chroot trusted users: -a 
> 
> Maybe you can add it in the next release. For
> now, i added "'ChrootButTrusted' => ['-a %s', \&parse_string],"
> to the %conf hash myself. Maybe it should not be \&parse_string
> but \&parse_number_1 - but: it works as i expected  :-) 

The option is already there as TrustedGID which is the name 
according to the pure-ftpd manual page.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#330092: ITP: libset-crontab-perl - Expand crontab-style integer lists

[Stefan Hornburg]

package: wnpp
severity: wishlist

Package name: libset-crontab-perl
Version: 1.00
Upstream author: Abhijit Menon-Sen < 
[EMAIL PROTECTED]> 

URL: http://search.cpan.org/~ams/Set-Crontab-1.00/
License: Artistic License

Description:

Set::Crontab parses crontab-style lists of integers and defines
some utility functions to make it easier to deal with them.

Bye
  Racke




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#115306: Obsolete bug

[Stefan Hornburg]

On Sat, 3 Sep 2005 23:01:36 +0100
Esteban Manchado Velázquez <[EMAIL PROTECTED]> wrote:

> usertag 115306 + ignore
> thanks
> 
> Hi,
> 
>I think this bug is obsolete:
> 
> - 8< -
> [EMAIL PROTECTED]:~/src/debian/dhelp/dhelp-0.5.21$ glark -r bgcolor .
> [EMAIL PROTECTED]:~/src/debian/dhelp/dhelp-0.5.21$ glark -r bgcolor 
> /usr/share/doc/HTML/
> [EMAIL PROTECTED]:~/src/debian/dhelp/dhelp-0.5.21$ 
> - >8 -
> 
> What bgcolor???




Debian Online Help
mailto:[EMAIL PROTECTED]">


  fprintf (out, "\n");

in dhelp_parse.c

Bye
Racke

-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Bug#188258: What happened to this feature?

[Stefan Hornburg]

On Sun, 28 Aug 2005 01:31:28 +0100
Esteban Manchado Velázquez <[EMAIL PROTECTED]> wrote:

> Hi,
> 
>Daniel K. Gebhart, more than two years ago, said that the next release of
> dhelp would have that feature ("all docs" section), but I don't seem to find
> it, and the bug keeps being open. What happened, anyone can comment on this?

Daniel K. Gebhart was a former maintainer of dhelp, but dropped all efforts to
work on dhelp.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Bug#19076: More info on #19076

[Stefan Hornburg]

On Sat, 3 Sep 2005 19:26:32 +0100
Esteban Manchado Velázquez <[EMAIL PROTECTED]> wrote:

> Hi all,
> 
>I'm looking at this bug, but I don't know what to do. If the only problem
> is lowercasing sections, it's already done (it seems).
> 
>However, I've found a couple of empty titles myself:
> 
>  8< 
> [EMAIL PROTECTED]:~/src/debian/dhelp/dhelp-0.5.21$ egrep -r "TITLE><" 
> /usr/share/doc/HTML
> /usr/share/doc/HTML/standards/index.html:
> /usr/share/doc/HTML/web/w3c/index.html:
>  >8 
> 
> I wondered, then, if "standards" and "web/w3c" were valid sections, so I
> looked for the canonical doc-base section list. What I found was:
> 
>  8< 
> Section
>   Section where the document belongs; this should follow the
>   sections outlined in The Debian Menu sub-policy.
>  >8 
> 
> (in /usr/share/doc/doc-base/doc-base.txt.gz) But the Debian Menu sub-policy
> section list
> (http://www.us.debian.org/doc/packaging-manuals/menu-policy/ch2.html) doesn't
> seem to be used everytime. I have a couple of packages installed, right now,
> with documentation registered in sections not in the Menu sub-policy.
> 
>So, what's the canonical list? And, if it's the Debian Menu sub-policy one,
> why doesn't doc-base give a warning or some hint?

There was a discussion with the doc-base maintainer a long time ago, but I don't
remember it anymore.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

Bug#315381: fsck.jfs segfaults in some situations when replaying journal

[Stefan Hornburg]

Version: 1.1.8-1

On Tue, 6 Sep 2005 04:44:51 -0700
Steve Langasek <[EMAIL PROTECTED]> wrote:

> Hi Stefan,
> 
> > I just uploaded jfsutils 1.1.8-1. This upstream release is supposed
> > to fix problems with journal replays. Can you please test if your
> > problem still persists ?
> 
> Since there has been no comment from the submitter in over two months,
> perhaps we should presume that this bug is closed in 1.1.8-1, and let
> that new version propagate to testing?

Yes, good idea.

Bye
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#327162: FTBFS: Too few arguments to chmod

[Stefan Hornburg]

On Wed, 7 Sep 2005 08:40:37 -0700
Matt Kraai <[EMAIL PROTECTED]> wrote:

> Package: courier
> Version: 0.47-8
> Severity: serious
> 
> courier fails to build because it passes too few arguments to chmod:
> 
> > find /tmp/buildd/courier-0.47/debian/tmp -perm +u+x -type f | xargs chmod 
> > u+rwx,go+rx
> > chmod: too few arguments
> > Try `chmod --help' for more information.

This call can easily fixed with adding --no-run-if-empty as xargs parameter. I 
still
wonder whether this would hide a more serious problem, especially because it 
does
build in my chroot environment. Can you please send a complete build log ?

Thanks
Racke


-- 
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#327181: SqWebMail Conditional Comments Script Insertion Vulnerability

[Stefan Hornburg]

package: sqwebmail
severity: important
tags: security

Secunia Research has discovered a vulnerability in SqWebMail, which
can be exploited by malicious people to conduct script insertion
attacks.

The vulnerability is caused due to SqWebMail allowing usage of e.g.
the "" tag within an HTML comment. This, combined with
"Conditional Comments" in Internet Explorer, can be exploited to
execute arbitrary script code in a user's browser session in context
of a vulnerable site when a malicious email is viewed.

Successful exploitation requires that the user is using Internet 
Explorer.

Example in an HTML email: