Bug#594369: Fix for Bug#594369 committed to version control

2010-08-27 Thread Cameron Dale
tags 594369 +pending
thanks

Hi,

The following change has been committed for this bug, and so the
fix will be in the next upload.
===

Changeset [429] by camrdale, 2010-08-27 06:14:14 + (Fri, 27 Aug 2010)

Update for ABI change in apt 0.8.0 (Closes: #594369, #452001)
(LP: #163891)

U   apt-transport-debtorrent/trunk/connect.cc
U   apt-transport-debtorrent/trunk/debian/changelog
U   apt-transport-debtorrent/trunk/debian/control
A   apt-transport-debtorrent/trunk/debian/source/
A   apt-transport-debtorrent/trunk/debian/source/format
U   apt-transport-debtorrent/trunk/debtorrent.cc

http://svn.debian.org/wsvn/debtorrent?op=compcompare%5b%5d=...@428compare%5b%5d=...@429



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Bug#594369: apt-transport-debtorrent: FTBFS with apt 0.8.0

2010-08-25 Thread Cameron Dale
I should be able to fix this tomorrow. If you need it sooner than
that, please let me know.

Thanks,
Cameron






Bug#574198: Fix for Bug#574198 committed to version control

2010-03-20 Thread Cameron Dale
tags 574198 +pending
thanks

Hi,

The following change has been committed for this bug, and so the
fix will be in the next upload.
===

Changeset [417] by camrdale, 2010-03-20 19:24:29 + (Sat, 20 Mar 2010)

Fix piuparts uninstallation failure (Closes: #574198)

U   debtorrent/trunk/debian/changelog

http://svn.debian.org/wsvn/debtorrent?op=compcompare%5b%5d=...@416compare%5b%5d=...@417






Bug#516708: Fix for Bug#516708 committed to version control

2010-03-20 Thread Cameron Dale
tags 516708 +pending
thanks

Hi,

The following change has been committed for this bug, and so the
fix will be in the next upload.
===

Changeset [419] by camrdale, 2010-03-20 21:53:15 + (Sat, 20 Mar 2010)

Fix endless rerequesting pieces HTTP seed doesn't have (Closes: #516708)

U   debtorrent/trunk/DebTorrent/BT1/HTTPDownloader.py
U   debtorrent/trunk/debian/changelog

http://svn.debian.org/wsvn/debtorrent?op=compcompare%5b%5d=...@418compare%5b%5d=...@419






Bug#516708: Fix for Bug#516708 committed to version control

2010-03-20 Thread Cameron Dale
tags 516708 +pending
thanks

Hi,

The following change has been committed for this bug, and so the
fix will be in the next upload.
===

Changeset [420] by camrdale, 2010-03-20 22:00:22 + (Sat, 20 Mar 2010)

Fix endless rerequesting pieces HTTP seed doesn't have (Closes: #516708, 
#451176)

U   debtorrent/trunk/debian/changelog

http://svn.debian.org/wsvn/debtorrent?op=compcompare%5b%5d=...@419compare%5b%5d=...@420






Bug#516708: removal request

2010-01-24 Thread Cameron Dale
On Sun, Jan 24, 2010 at 4:49 PM, Kees Cook k...@debian.org wrote:
 I've filed a removal request:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566760

I don't think this warrants a removal request.






Bug#516708: Debtorrent just won't give up after receiving 404

2010-01-24 Thread Cameron Dale
Sorry for the previous email, I clicked Send by mistake.

On Sun, Jan 24, 2010 at 3:53 AM, Sylvain Beucler b...@beuc.net wrote:
 Any progress on that RC issue?

I have made some progress since it was made RC in October, but the bug
is more complicated than I first thought. I will continue to work on
the solution, though my time has been limited of late by a busy work
schedule.

On Sun, Jan 24, 2010 at 4:49 PM, Kees Cook k...@debian.org wrote:
 I've filed a removal request:

I don't think this warrants a removal from testing, for the following reasons:

1. Though the original bug has been open for less than a year, the bug
was not made RC (serious) until October 2009 (3 months ago), when
another user noticed a side effect of the original bug that arguably
makes it serious.

2. I am working on a fix for the bug, and hope to have it committed in
the next week or two, and certainly before the freeze for the squeeze
release.

3. The requester did not contact me (the maintainer), nor did anyone
else, before requesting the removal, as mentioned here
http://wiki.debian.org/ftpmaster_Removals: In all cases, if there is
a maintainer and it's not you, mention the maintainer's opinion or, if
you don't know it, mention how and when you tried to contact him. If
you didn't try to contact the maintainer, do so first.

In any case, removal of apt-transport-debtorrent is not required, as
it is a separate package from debtorrent, and is unaffected by this
bug. apt-transport-debtorrent doesn't depend on debtorrent, and it can
be used by itself on a machine to communicate with debtorrent on a
different machine.

I'd like to close this removal request for the above reasons, but I'm
unsure of the etiquette related to that, and so I will leave it as is
in the hopes that someone will read this message before actually
performing the removal.

Cameron






Bug#514780: apticron: changes to cron.d file are disregarded or cause postinst to fail

2009-02-10 Thread Cameron Dale
Package: apticron
Version: 1.1.27
Severity: serious
Justification: Policy 10.7.3: local changes must be preserved during a package 
upgrade

The postinst script generates errors when it greps through my modified
/etc/cron.d/apticron file. All I did was to comment out the cron entry
like below, as I prefer to run a more complicated script from
/etc/cron.daily/apticron:

# cron entry for apticron

#57 22 * * * root test -x /usr/sbin/apticron && /usr/sbin/apticron --cron

I don't think this is unreasonable behavior, as the postinst script should
be able to handle such changes to a config file.

I added set -x to the postinst to get this debug output to diagnose
the problem:

$ sudo dpkg --configure -a
Setting up apticron (1.1.27) ...
+ case $1 in
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ PERL_DL_NONLAZY=1
++ export PERL_DL_NONLAZY
++ '[' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/apticron.postinst 
configure 1.1.25
+ case $1 in
+ . /usr/share/debconf/confmodule
++ '[' '!' 1 ']'
++ '[' -z '' ']'
++ exec
++ '[' '' ']'
++ exec
++ DEBCONF_REDIR=1
++ export DEBCONF_REDIR
+ db_get apticron/notification
+ _db_cmd 'GET apticron/notification'
+ IFS=' '
+ printf '%s\n' 'GET apticron/notification'
+ IFS='
'
+ read -r _db_internal_line
+ RET=root
+ case ${_db_internal_line%%[   ]*} in
+ return 0
+ EMAIL=root
+ '[' '!' -d /etc/apticron/ ']'
++ mktemp -t apticron.conf.XX
+ tmpfile=/tmp/apticron.conf.DzuXiomPWj
+ cat
+ ucf --debconf-ok --three-way /tmp/apticron.conf.DzuXiomPWj 
/etc/apticron/apticron.conf
+ rm -f /tmp/apticron.conf.DzuXiomPWj
+ '[' -f /etc/cron.d/apticron ']'
++ grep -v '^[[:space:]]*\(\#\|$\)' /etc/cron.d/apticron
++ read min hour null
+ time=
dpkg: error processing apticron (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 apticron

In this case, the grep statement is returning nothing, which I think causes
the read to generate the error.

You probably need to do some error checking in the postinst, such as to
grep -q first to make sure there is some output from it.

Thanks,
Cameron


-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apticron depends on:
ii  apt0.7.20.1  Advanced front-end for dpkg
ii  bsd-mailx  8.1.2-0.20071201cvs-3 A simple mail user agent
ii  debconf [debconf-2 1.5.24Debian configuration management sy
ii  ucf3.0016Update Configuration File: preserv

Versions of packages apticron recommends:
ii  apt-listchanges   2.83   package change history notificatio
ii  iproute   20080725-2 networking and traffic control too

apticron suggests no packages.

-- debconf information:
  apticron/notification: root






Bug#500971: transmission: losing data and wasting bandwidth

2008-10-02 Thread Cameron Dale
Package: transmission
Version: 1.33-2
Severity: grave
Justification: causes non-serious data loss


I just experienced this bug, which has been reported upstream, and so I
decided to report it here for other Debian users to see.

See: http://trac.transmissionbt.com/ticket/1305
Also: http://forum.transmissionbt.com/viewtopic.php?f=2t=5624

According to those links, the problem has been seen in all of the 1.3x
releases, including 1.34. Downgrading to 1.22 is supposed to fix the
issue.

Basically, a download says it's using a lot of bandwidth, and is using
that bandwidth, but the download still proceeds at a very slow rate. A lot
of the downloaded data is therefore being lost somehow.

In my case, I ran several torrents adding up to about 1.5 GB of data,
which should have taken a couple of hours. After MANY hours, my downloads
were less than 50% done, but the client had used over 7 GB of bandwidth.

Thanks,
Cameron


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages transmission depends on:
ii  transmission-cli  1.33-2 free, lightweight BitTorrent clien
ii  transmission-common   1.33-2 free, lightweight BitTorrent clien
ii  transmission-gtk  1.33-2 free, lightweight BitTorrent clien

transmission recommends no packages.

transmission suggests no packages.

-- no debconf information






Bug#492389: [kcheckgmail] fails to login, Gmail's login procedure has changed

2008-07-25 Thread Cameron Dale
Package: kcheckgmail
Version: 0.5.7.4-1
Severity: grave


I've tried on a couple of different machines now, one that uses kcheckgmail
compiled from source, the other is using the Debian package, and both fail to
login saying that the login procedure has changed.

Thanks,
Cameron



--- System information. ---
Architecture: amd64
Kernel:   Linux 2.6.25-2-amd64

Debian Release: lenny/sid
  990 unstablesteveholt.hopto.org
  990 unstablelocalhost
  990 unstabledebian.camrdale.org
  500 testing debian.camrdale.org
  500 stable  debian.camrdale.org
1 experimentalftp.us.debian.org

--- Package information. ---
Depends  (Version) | Installed
==-+-===
kdebase-bin  (>= 3.2) | 4:3.5.9.dfsg.1-4
kdelibs4c2a (>= 4:3.5.8-1) | 4:3.5.9.dfsg.1-6
libc6   (>= 2.7-1) | 2.7-12
libgcc1   (>= 1:4.2.1) | 1:4.3.1-6
libqt3-mt (>= 3:3.3.7) | 3:3.3.8b-5
libstdc++6  (>= 4.2.1) | 4.3.1-6







Bug#479378: Do not work at all

2008-05-04 Thread Cameron Dale
tags 479378 moreinfo
thanks

On 5/4/08, Juhapekka Tolvanen [EMAIL PROTECTED] wrote:
  I try remember to include enough scripts and config files with this
  bugreport. A file called firewall is a shell script, that is run during
  boot process.

Unfortunately the most important file is the log file from
/var/log/debtorrent, which you have not included. Please send that as
I can't tell what the problem is otherwise.

It looks like DebTorrent can't access the Internet, but I'm not sure
why that would be.

Cameron






Bug#462845: dependency on python-apt should be at least Recommends

2008-01-27 Thread Cameron Dale
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Package: python-debian
Version: 0.1.8
Severity: serious
Justification: violates policy 7.2 regarding Recommends

In trying to use python-debian in one of my packages, I am going to have to also
depend on python-apt, since python-debian only suggests it. I think this should
be upgraded to a Depends, but to satisfy policy should be at least a Recommends
since a lot of the functionality in python-debian depends on python-apt.

Of the 6 modules in debian_bundle, 3 of them (changelog, debian_support, and
debfile) won't import without python-apt being installed. These seem to all
relate to the debian_support module always importing apt_pkg, and changelog
always importing debian_support, and debfile always importing changelog. I
consider half the functionality being broken to justify a dependency upgrade,
and thus the severity of this bug.

Alternatively, and much more work, if the use of these global imports was
reduced to only where it is needed, then most of the functionality would still
work. This would be more difficult to maintain though, which is why I suggest
upgrading the dependency.

Thanks,
Cameron


- --- System information. ---
Architecture: amd64
Kernel:   Linux 2.6.22-1-vserver-amd64

Debian Release: lenny/sid
  990 unstablewww.debian-multimedia.org
  990 unstablelocalhost
  990 unstableftp.debian-unofficial.org
  990 unstabledebian.camrdale.org
  500 testing debian.camrdale.org
  500 stable  debian.camrdale.org

- --- Package information. ---
Depends (Version) | Installed
=-+-===
python   (>= 2.4) | 2.4.4-6
python-support (>= 0.7.1) | 0.7.6

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHnOvuDx924g0gNq0RAgkDAJ41srE6nA4dt7C2RQnOQAoin53xSQCfZ1GS
SkXTZSuGfJU15Jy7v3/maGs=
=2Yl7
-END PGP SIGNATURE-






Bug#446730: bittornado: fails to start: ImportError: No module named BitTornado

2007-10-17 Thread Cameron Dale
On 10/16/07, Josselin Mouette [EMAIL PROTECTED] wrote:
 First of all, bittornado failed to upgrade. I think this was either
 caused by a prerm failure or an unpack failure, leading in the end to
 have only bittornado 0.3.18-3 installed. So there's probably a bug in
 bittornado. It would be nice if you could tell us how

I'm not sure what the bug could be in bittornado, as I have done the
same upgrade on 2 machines and the other maintainer has as well, all
without problems. One difference I noted is that Lionel also upgraded
python-support at the same time, so I downgraded bittornado to do the
same upgrade. Here are the results, which generated no errors at all:

2007-10-16 23:11:17 upgrade python-support 0.6.4 0.7.4
2007-10-16 23:11:17 status half-configured python-support 0.6.4
2007-10-16 23:11:17 status unpacked python-support 0.6.4
2007-10-16 23:11:17 status half-installed python-support 0.6.4
2007-10-16 23:11:18 status half-installed python-support 0.6.4
2007-10-16 23:11:18 status unpacked python-support 0.7.4
2007-10-16 23:11:18 status unpacked python-support 0.7.4
2007-10-16 23:11:18 upgrade bittornado-gui 0.3.18-3 0.3.18-4
2007-10-16 23:11:18 status half-configured bittornado-gui 0.3.18-3
2007-10-16 23:11:18 status unpacked bittornado-gui 0.3.18-3
2007-10-16 23:11:18 status half-installed bittornado-gui 0.3.18-3
2007-10-16 23:11:18 status half-installed bittornado-gui 0.3.18-3
2007-10-16 23:11:18 status unpacked bittornado-gui 0.3.18-4
2007-10-16 23:11:18 status unpacked bittornado-gui 0.3.18-4
2007-10-16 23:11:18 upgrade bittornado 0.3.18-3 0.3.18-4
2007-10-16 23:11:18 status half-configured bittornado 0.3.18-3
2007-10-16 23:11:19 status unpacked bittornado 0.3.18-3
2007-10-16 23:11:19 status half-installed bittornado 0.3.18-3
2007-10-16 23:11:19 status half-installed bittornado 0.3.18-3
2007-10-16 23:11:19 status unpacked bittornado 0.3.18-4
2007-10-16 23:11:19 status unpacked bittornado 0.3.18-4
2007-10-16 23:11:20 status unpacked python-support 0.7.4
2007-10-16 23:11:20 status half-configured python-support 0.7.4
2007-10-16 23:11:20 status installed python-support 0.7.4
2007-10-16 23:11:20 status unpacked bittornado 0.3.18-4
2007-10-16 23:11:20 status half-configured bittornado 0.3.18-4
2007-10-16 23:11:22 status installed bittornado 0.3.18-4
2007-10-16 23:11:22 status unpacked bittornado-gui 0.3.18-4
2007-10-16 23:11:22 status half-configured bittornado-gui 0.3.18-4
2007-10-16 23:11:22 status installed bittornado-gui 0.3.18-4

One interesting thing I noticed was that the bittornado 0.3.18-4 in
the archive depends on python-support >= 0.7.1, whereas the one I
built locally only depends on python-support >= 0.2. I assume that
means it was built (by my sponsor) with a newer version of
python-support than mine was, which I'm not sure how it would cause
this problem, but I thought I'd mention it anyway.

Thanks,
Cameron






Bug#446730: bittornado: fails to start: ImportError: No module named BitTornado

2007-10-15 Thread Cameron Dale
There were a few reports like this a while back that were
python-support related, so I'm thinking of reassigning this to the
python-support package. Just to be sure, could you let me know the
output of this command:

locate -e BitTornado | sed -e 's#/[^/]*$##' | sort -u

It should show some entries in /usr/share/python-support and
/var/lib/python-support/python2.4. Also, was this a new install of
BitTornado, or an upgrade from a previous version?

You could probably fix this problem by reinstalling BitTornado, but if
you can wait then it would be better NOT to reinstall until we (or the
python-support people) can figure out what's causing these problems.

Thanks,
Cameron






Bug#446730: bittornado: fails to start: ImportError: No module named BitTornado

2007-10-15 Thread Cameron Dale
reassign 446730 python-support
thanks

On 10/15/07, Lionel Elie Mamane [EMAIL PROTECTED] wrote:
 On Mon, Oct 15, 2007 at 12:39:37PM -0700, Cameron Dale wrote:

  could you let me know the output of this command:

  locate -e BitTornado | sed -e 's#/[^/]*$##' | sort -u

 [EMAIL PROTECTED]:~$ locate -e /BitTornado  | sed -e 's#/[^/]*$##' | sort -u
 /usr/share/python-support/bittornado
 /usr/share/python-support/bittornado/BitTornado
 /usr/share/python-support/bittornado/BitTornado/BT1

This seems to confirm that it is a python-support bug, therefore I am
reassigning it there. There were 2 previous instances of an error
similar to this one in BitTornado: 383799 and 386272. I can't find any
other packages that report errors similar to this related to
python-support, but I can't see any errors in the BitTornado packaging
that would cause this, and also the error is intermittent (a reinstall
will fix it). These all lead me to believe it is python-support
related and so I have assigned it there.

  It should show some entries in /usr/share/python-support and
  /var/lib/python-support/python2.4. Also, was this a new install of
  BitTornado, or an upgrade from a previous version?

 /var/log/aptitude.1.gz:[UPGRADE] bittornado 0.3.18-3 -> 0.3.18-4

  You could probably fix this problem by reinstalling BitTornado, but if
  you can wait then it would be better NOT to reinstall until we (or the
  python-support people) can figure out what's causing these problems.

 I can wait.

That's great, hopefully the python-support maintainer will be able to
help you with this.

Thanks,
Cameron






Bug#416405: torrentflux: Upon login reports Database error: Query was empty

2007-04-05 Thread Cameron Dale

tag 416405 unreproducible
severity 416405 normal
thanks

On 4/3/07, Mike Martin [EMAIL PROTECTED] wrote:

I had to move this machine today. Upon reboot, torrentflux came up
without a hitch and is working the way I would expect. It went
straight to the update settings page when I logged in as the
torrentflux user. All the settings look correct. I will add a new user
and watch it over the next few days to see if it is stable.


Based on this information and no one else reporting problems, I'm
going to mark this as unreproducible and lower the severity. If it
recurs, let me know.

Thanks,
Cameron





Bug#416405: torrentflux: Upon login reports Database error: Query was empty

2007-03-30 Thread Cameron Dale

Sorry for the delay Mike, I'll try and find some time to work on this
more this weekend. Until then, read below ...

On 3/27/07, Mike Martin [EMAIL PROTECTED] wrote:

 Does this message appear in the browser? Are there any other error
 messages in log files, perhaps in the webserver logs or mysql logs?

Message appears in the browser.  The webserver log shows nothing out
of the ordinary.  I can't figure out how to check the mysql log ...
(kind of embarrassing)


It's in /var/log, or at least it is for me. I may have set that up
myself though, so if there's nothing named mysql in /var/log then
don't worry about it.


 When did this message appear? It looks like it is a fresh install of
 torrentflux, have you ever been able to log in?

It is a fresh install of etch with practically nothing else installed
except torrentflux. I was originally able to log on. I successfully
used it for about a day. And then nothing. That was many
purge/reinstall cycles ago while I tried to correct the problem.

 Which version of mysql server are you using? Is it on the same machine
 or do you connect to it over the network? Do the torrentflux database
 and tables look reasonable (should be 7 tables)? How many entries are
 there in the tf_users table?

I'm using the etch mysql-server-5.0 package installed on the local
machine specifically for use by torrentflux. The database seems fine.

show tables produces a list of 7 tables. Select * from tf_users
results in an empty set. As does a Select * from all the other
tables! -- hmmm -- that's probably NOT right.


Actually, that probably is right. On first install, when the users
table is empty, torrentflux gives superadmin privileges to the first
user to login and adds them to the table. It seems like the database
is fine, you just can't connect to it properly. My current thinking is
this:

1. The users table is empty, and torrentflux is prompting you to login
(you do get a prompt, don't you? and then the error when you fill it
in and submit?)
2. Torrentflux can connect to the database and see that the users table is empty
3. Seeing that its empty, torrentflux tries to insert you into the database
4. Insertion fails, giving the error

This leads me to believe (if all I have said is true), that the
database privileges were not created properly for the torrentflux
user. So, he can read the database, but not write to it. To confirm,
try logging in to the mysql server as the torrentflux user (you can
find the password to use in /etc/torrentflux/config-db.php) by doing
'mysql -u torrentflux -p torrentflux' and then enter the password at
the prompt. Now try to read the tf_users table 'select * from
tf_users;', and then try to insert into it 'insert into tf_users
(user_id) VALUES ('mike');'. If that works, you can delete it with
'delete from tf_users;', and I'll try and come up with something else.

Cameron





Bug#416405: torrentflux: Upon login reports Database error: Query was empty

2007-03-30 Thread Cameron Dale

On 3/27/07, Nicolas Aupetit [EMAIL PROTECTED] wrote:

I obtain the same message after a crash of my machine,
when the tf_log table is in use.

After the reboot, this MySQL table is marked as used,
and is obviously unavailable.

I must repair this table with :
[EMAIL PROTECTED] mysql
mysql> use torrentflux;
mysql> repair table tf_log;

I can after that log in again to torrentflux.


Thanks for the tip Nicolas.

Mike, you might also want to try something like this, although since
you purged and reinstalled the database, I'm not sure this is the
problem. Try 'check table' on each of the torrentflux tables, then
'repair table' on each.

Cameron





Bug#416405: torrentflux: Upon login reports Database error: Query was empty

2007-03-27 Thread Cameron Dale

Hi Mike,

On 3/27/07, root [EMAIL PROTECTED] wrote:

Package: torrentflux
Version: 2.1-4
Severity: grave
Justification: renders package unusable


Upon login, torrentflux reports:

TorrentFlux Login
Warning: Invalid argument supplied for foreach() in 
/usr/share/php/adodb/adodb-lib.inc.php on line 768
TorrentFlux Database/SQL Error
Debug SQL is on.
SQL:
Database error: Query was empty
Always check your database variables in the config.php file.


Does this message appear in the browser? Are there any other error
messages in log files, perhaps in the webserver logs or mysql logs?

When did this message appear? It looks like it is a fresh install of
torrentflux, have you ever been able to log in?

Which version of mysql server are you using? Is it on the same machine
or do you connect to it over the network? Do the torrentflux database
and tables look reasonable (should be 7 tables)? How many entries are
there in the tf_users table?

Sorry for all the questions, I'm just trying to figure out what's
going on, as the error message is somewhat ambiguous. A quick fix to
try if this is a fresh install might be to purge the package, choosing
the option to purge the database as well. Then check to make sure the
database was purged. Then reinstall again, creating a fresh database.
As you probably guessed, I think there was a problem with how the
database was created.


It appears to be the same problem described in this forum link:
http://forum.linkstationwiki.net/index.php?action=vthreadforum=16topic=2402page=0


I don't think this is related, as it was due to a mysql server problem
on the ARM architecture (unless your server is running remotely on an
ARM machine), and the error message looks different.

Thanks for the report,
Cameron





Bug#403661: torrentflux: fails to install with error code 10

2006-12-19 Thread Cameron Dale

severity 403661 normal
tags 403661 unreproducible
thanks

On 12/19/06, Remi Vanicat [EMAIL PROTECTED] wrote:

2006/12/19, Micah Anderson [EMAIL PROTECTED]:
 I just created a sid chroot and attempted to install torrentflux, I did
 not encounter this problem.

 I tried a few different failure scenarios (mysql-client not available,
 mysql-server not installed, database password incorrect, database server
 not running) and they all worked fine.

Note that the failure happens before I've been asked the database password,
and mysql-server and mysql-client were installed.

answer to dbconfig question was :
no for keeping admin password
no for using non local database

I've just tried to do an aptitude reinstall dbconfig-common and
everything worked as expected.
Now, I'm trying to reproduce the bug on my computer, but it is not
there anymore. I don't understand.


It may be a one-time thing, or something may have happened to
dbconfig-common that is unexpected. Had you just installed it
recently? Does it work for other packages?

I asked on the dbconfig-common mail list, and it seems that I have
used it properly. The dbconfig-common developer did ask if you could
try debconf-show dbconfig-common, and dpkg-reconfigure
dbconfig-common, as the former would be informative, the latter might
fix the problem (although I gather it's been fixed already).

Since it's non-reoccurring (thanks Micah!), I have downgraded it accordingly.

Cameron





Bug#403661: torrentflux: fails to install with error code 10

2006-12-18 Thread Cameron Dale

On 12/18/06, Remi Vanicat [EMAIL PROTECTED] wrote:

$ DEBCONF_DEBUG=developer dpkg --configure --pending
Setting up torrentflux (2.1-7) ...
debconf (developer): frontend started
debconf (developer): frontend running, package name is torrentflux
debconf (developer): starting /var/lib/dpkg/info/torrentflux.config configure
debconf (developer): <-- CAPB backup
debconf (developer): --> 0 multiselect escape backup
debconf (developer): <-- REGISTER dbconfig-common/database-type 
torrentflux/database-type
debconf (developer): --> 10 No such template, dbconfig-common/database-type
dpkg: error processing torrentflux (--configure):
 subprocess post-installation script returned error exit status 10
Errors were encountered while processing:
 torrentflux


This is looking like a dbconfig-common problem to me, so I'm going to
forward it to their list to see what they say. I'm having trouble
reproducing this though. Could you describe what steps you took to get
this error? Was dbconfig-common installed before installing
torrentflux, or were they both in the same install?

Thanks,
Cameron





Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-12-11 Thread Cameron Dale

FYI, I will probably try and upload this on Thursday (Dec. 14th), in
the hopes of eventually getting included back into Etch. Unless of
course there are any more problems that come up, or problems pointed
out with the fixes I have here.

Thanks,
Cameron





Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-12-09 Thread Cameron Dale

I've prepared an updated fix for this (and other) problems. I split
the previous patch into 2, and created 2 other new ones to fix other
problems. All 4 are attached, and my repository contains the updated
packages. Here's a description of the patches:

11_missed_security_fixes.dpatch:

This patch now contains only the security fixes in 2.2 that I missed
when I was previously adding fixes.

12_metaInfo_remote_command.dpatch:

This patch combines my previously suggested fix of using
SecurityClean() on $torrent, in both metaInfo.php and startpop.php,
and Stefan's suggested fix of using escapeshellarg($torrent) in
metaInfo.php. Only one is required, but I used both just to be safe.

13_possible_xss_vulnerability.dpatch:

This patch uses htmlentities() before printing any variables that have
been urldecoded after being read in (when htmlentities is initially
run). I'm still not sure this can be exploited, as I have not yet been
able to do it, but it may depend on the web server in use or its
configuration, so I decided to fix it anyway to be safe. It's a pretty
easy fix anyway.

14_maketorrent_remote_command.dpatch:

Upstream told me about this one. In maketorrent.php there's another
place where an input variable is used unescaped in an exec. This patch
escapes the variable before executing it.

Let me know if I missed something, or what you think of the patches. I
think I managed to take care of every problem mentioned in this bug
report, but it is quite long so I could be mistaken.

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-12-06 Thread Cameron Dale

forwarded 400582 http://www.torrentflux.com/contact.php
thanks

Thanks for the additional info Stefan, I've forwarded this information
to upstream. Unfortunately I have no time right now, so it will be a
couple of days before I get to this. One question though (below).

On 12/4/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

In index.php and dir.php, urldecode() is called after the htmlentities
escaping is done by getRequestVar(). This allows to bypass the
escaping. In dir.php this could be used for a XSS. Replace $dir by
htmlentities($dir) in the error message. Or maybe it would be a good
idea to put the urldecode() into getRequestVar() and remove it from
all other places.


I don't think putting urldecode() in getRequestVar() before
htmlentities is called will work, as the directory name is needed
decoded at some points in the file (maybe decode it only when needed
and safe?). I'm starting to get over my head with some of this though,
so I've forwarded this upstream in the hopes of getting some feedback.

When you say the error message, do you mean this line:

   echo "<strong>".$dir."</strong> could not be found or is not valid.";

Is that the only place you've found so far that this is a problem? I
see the $torrent and $file_name variables in index.php might also be
problems, but I can't tell for sure.

Cameron



Bug#400582: present in 2.2 as well

2006-12-06 Thread Cameron Dale

On 12/4/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

The metaInfo.php issue doesn't seem to be fixed in 2.2


To be clear, I would like to point out that the more serious remote
command execution using metaInfo.php IS fixed in 2.2.

However, the local privilege escalation is present in 2.2 by a local
user creating a file with backticks in it, then pointing the torrent
variable of details.php to it and executing the command as the web
server user.

Cameron



Bug#400582: CVEs assigned

2006-12-06 Thread Cameron Dale

Hi Micah,

Thanks for doing this. Unfortunately, I think one of these reports is
a duplicate, and some are inaccurate as they don't apply to version
2.2. I don't know how these work, but if you can update them you may
want to make some changes. See my notes below.

On 12/6/06, Micah Anderson [EMAIL PROTECTED] wrote:

==
Name: CVE-2006-6328
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6328
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference:
CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

Directory traversal vulnerability in index.php for TorrentFlux 2.2
allows remote attackers to create or overwrite arbitrary files via
sequences in the alias_file parameter.


This already has an advisory, see

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5609

It also doesn't apply to Torrentflux 2.2, only 2.1 (the original
advisory from milw0rm was incorrect, but CVE-2006-5609 is correct in
indicating only 2.1 is affected). Also, the Debian bug for this one
was 395930.


==
Name: CVE-2006-6329
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6329
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference:
CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

index.php for TorrentFlux 2.2 allows remote attackers to delete files
by specifying the target filename in the delfile parameter.


Again, this is only present in version 2.1, not 2.2. The Debian bug
number for this one is 399169.


==
Name: CVE-2006-6330
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6330
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference:
CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

index.php for TorrentFlux 2.2 allows remote registered users to
execute arbitrary commands via shell metacharacters in the kill
parameter.


Again, not present in 2.2, only in version 2.1. The Debian bug number
for this one is also 399169.


==
Name: CVE-2006-6331
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6331
Reference:
CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582
Reference:
MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi/11_missed_security_fixes.dpatch?bug=400582;msg=71;att=1

metaInfo.php in TorrentFlux 2.2, when $cfg[enable_file_priority] is
false, allows remote attackers to execute arbitrary commands via shell
metacharacters (backticks) in the torrent parameter to details.php.


This problem, as described, is not present in 2.2, only in 2.1. Also,
the dpatch attached is a little misleading as it contains changes
that fix the 2 previous problems (6329 and 6330) as well as this one
(6331).

There is, however, a similar problem to this in 2.2 that Stefan
described as a local privilege escalation. It uses the torrent
parameter and a local user's ability to create a file containing
backticks, to then execute arbitrary commands as the webserver user
(www-data). I don't think it applies to remote users though, only
local. You may want to request another CVE for this one, as it is a
separate problem from 6331 and does affect version 2.2.

Cameron



Bug#400582: present in 2.2 as well

2006-12-06 Thread Cameron Dale

On 12/6/06, Cameron Dale [EMAIL PROTECTED] wrote:

On 12/4/06, Stefan Fritsch [EMAIL PROTECTED] wrote:
 The metaInfo.php issue doesn't seem to be fixed in 2.2

To be clear, I would like to point out that the more serious remote
command execution using metaInfo.php IS fixed in 2.2.


Sorry for the confusion and multiple messages, but as I mentioned in
my other email, this is exploitable in 2.2, though it is a little
harder than in 2.1. My mistake.

Cameron



Bug#400582: CVEs assigned

2006-12-06 Thread Cameron Dale

On 12/6/06, Cameron Dale [EMAIL PROTECTED] wrote:

 ==
 Name: CVE-2006-6331
 Status: Candidate
 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6331
 Reference:
 CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582
 Reference:
 
MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi/11_missed_security_fixes.dpatch?bug=400582;msg=71;att=1

 metaInfo.php in TorrentFlux 2.2, when $cfg[enable_file_priority] is
 false, allows remote attackers to execute arbitrary commands via shell
 metacharacters (backticks) in the torrent parameter to details.php.

This problem, as described, is not present in 2.2, only in 2.1. Also,
the dpatch attached is a little misleading as it contains changes
that fix the 2 previous problems (6329 and 6330) as well as this one
(6331).

There is, however, a similar problem to this in 2.2 that Stefan
described as a local privilege escalation. It uses the torrent
parameter and a local user's ability to create a file containing
backticks, to then execute arbitrary commands as the webserver user
(www-data). I don't think it applies to remote users though, only
local. You may want to request another CVE for this one, as it is a
separate problem from 6331 and does affect version 2.2.


Actually, on further investigation, I was wrong about this one, as it
is a remote command execution bug in 2.2 as well, and I recommend you
report it as such. I had thought that TorrentFlux's cleaning of the
downloaded torrent files would make this local only, but I now see
that a torrent file that includes files that have backticks will work
(sorry Stefan, I misread your previous email about this). Here is how
to properly take advantage of this in Torrentflux 2.2 (or 2.1):

mkdir -p '`touch /tmp/'
echo Test file > '`touch /tmp/hello`.torrent'
btmakemetafile --target test.torrent http://localhost:6969 \`touch\ /

Now upload test.torrent to TorrentFlux and start it downloading (it
won't download anything, but that doesn't matter as the files are
created when the torrent starts).

Now go to (replace username with your TorrentFlux user name):

http://hostname/torrentflux/details.php?torrent=../username/`touch
/tmp/hello`.torrent

It should say only btshowmetainfo 20030621 - decode BitTorrent
metainfo files and the /tmp/hello file should be created as the web
server user (www-data).

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-12-06 Thread Cameron Dale

On 12/4/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

In index.php and dir.php, urldecode() is called after the htmlentities
escaping is done by getRequestVar(). This allows to bypass the
escaping. In dir.php this could be used for a XSS. Replace $dir by
htmlentities($dir) in the error message. Or maybe it would be a good
idea to put the urldecode() into getRequestVar() and remove it from
all other places.


I've looked into this further, and I'm not convinced that this will
result in a vulnerability. It seems to me that htmlentities() uses a
different encoding format than urlencode() does, and so
urldecode(htmlentities($dir)) != $dir. I've tested this, and
urldecode() definitely doesn't decode the '&lt;' and '&gt;' that
htmlentities() creates. Now, you could try and submit a URL such as

http://hostname/torrentflux/dir.php?dir=%3Cscript%3Ealert('xss')%3C/script%3E

in the hopes that htmlentities() will not replace the %3C with &lt;
and then later urldecode() will replace it with '<', but this doesn't
seem to work as all the variables are urldecoded when they are read
(from my testing it seems that way, anyway). Therefore they are made
safe by htmlentities(). I'm not sure why this doesn't work, so if you
know, or have found a way to exploit this, please let me know.

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-12-02 Thread Cameron Dale

Unless there are any more problems found with the fix I created, I'm
going to try and get this uploaded by Monday the 4th so I can start
working on the soon-to-be-released new upstream version.

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-11-30 Thread Cameron Dale

On 11/29/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

I didn't have time yet to look at it thoroughly (or test it), but
AFAICS you now check the file for existence before passing it to the
shell. This should convert the remote command execution vuln into a
local privilege escalation. A local user can do

touch '/tmp/`touch /tmp/hello`'


I think I understand how this is supposed to work, but I can't execute
this to create a file containing the ticks in it. Is this supposed to
work?

hostname:~$ touch '/tmp/`touch /tmp/hello`'
touch: cannot touch `/tmp/`touch /tmp/hello`': No such file or directory
hostname:~$ ls /tmp
flashgot.lfb3lmyf.default/  .ICE-unix/ ksocket-camrdale/  .X0-lock
gpg-ovJV8Y/ kde-camrdale/  ssh-PRXIyZ3903/.X11-unix/

I tried lots of variations on escaping the quotes, but nothing would
cause this to create a file with ticks in it. What am I doing wrong?

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-11-30 Thread Cameron Dale

On 11/29/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

I didn't have time yet to look at it thoroughly (or test it), but
AFAICS you now check the file for existence before passing it to the
shell. This should convert the remote command execution vuln into a
local privilege escalation. A local user can do

touch '/tmp/`touch /tmp/hello`'

and pass the filename to torrentflux and so get the command executed
as user www-data. This is definitely less severe than before but IMHO
still a bug. It would also convert any vulnerability to create a file
with arbitrary name into a code execution vulnerability.


I don't think this will work, because the local user would need to be
the www-data user to create the '/tmp/`touch /tmp/hello`' under the
$cfg[torrent_file_path] directory for it to be found. However, it
will be possible to exploit the fact that the torrent input is not
checked for ..'s on input, and so the following will work (assuming
the touch '/tmp/`touch /tmp/hello`' has already been done):

http://localhost/torrentflux/details.php?torrent=../../../../tmp/`touch
/tmp/hello`

I think the solution is then to use the SecurityClean function on the
torrent input variable in details.php to remove the ../ ability, and
that should take care of it.

-$torrent = getRequestVar('torrent');
+$torrent = SecurityClean(getRequestVar('torrent'));
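Review bot: this one-line change rests on SecurityClean() stripping the "../" sequences from $torrent, but nothing in the message shows what SecurityClean() actually does, so it is worth confirming that it rejects any value containing a path separator rather than rewriting the string (a rewritten value can still be a surprising name). Since $torrent still reaches shell_exec() in metaInfo.php, pairing this with the escapeshellarg() call Stefan suggested would close the shell side of the same input independently of the traversal check.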

The new patch is attached, and I have updated the packages in my repository.

Cameron



Bug#400582: arbitrary code execution in metaInfo.php in torrentflux

2006-11-27 Thread Cameron Dale

tags 400582 + pending
thanks

On 11/27/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

I was able to exploit the problem mentioned above to execute shell
commands. $cfg[enable_file_priority] must be false.


Ahh, that's why I couldn't get it to work. Looking at it now it seems
obvious, but then hindsight always seems to work like that. Thanks for
finding it, Stefan.


Try

http://xxx/torrentflux/details.php?torrent=`touch /tmp/hello`


This did work for me too. I've gone through the security fixes
available in upstream's 2.2 beta, and found that I did not catch all
of them when I was backporting to 2.1. One of them does fix this
problem, so I've created a new patch with all the missing fixes in it.
I've attached the new patch file for your consideration, and I think
I'm going to hold off on the upload for a few days to make sure I
really did get them all this time, and talk to upstream about it.
Please let me know if you think this is not sufficient, or if I missed
something else.

In consideration of the calls to exec() and shell_exec() mentioned
previously, I went through the code to see if I could find any places
where this could be exploited. I found a couple of possible problems,
which are fixed in the included patch.

However, there are lots of occurrences of these functions being called
where the input is one of the settings stored in the database
(unescaped), which I don't consider a security risk, as you have to be
an admin to change them, and if you are an admin then it's much easier
to just point the location of the bittornado files to whatever python
script you want executed. The other thing I considered is the
possibility of some kind of sql injection that could be used to alter
these database entries, but that would be a security problem that
would need to be fixed anyway, as the database has to be trusted. Am I
incorrect in thinking like this, and these are security risks?

By the way, if you want to try out the new package to make sure it
works, you can find it in my personal repository here:

deb http://www.cs.sfu.ca/~camerond/personal/debian/
http://www.cs.sfu.ca/~camerond/personal/debian/pool/main/t/torrentflux/

Cameron



Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-22 Thread Cameron Dale

retitle 399169 torrentflux: create/delete/overwrite arbitrary files
tags 399169 + pending
thanks

Thanks for the report Stefan, your vigilance is much appreciated.

Unfortunately the report from secunia is poorly titled, and some of it
doesn't apply to the Debian package, so I'll include some more info
below for those interested.

On 11/18/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

1) Input passed to the kill parameter in index.php is not properly
sanitised before being used as the command line argument to
the kill command. This can be exploited to inject arbitrary shell
commands via the ; character.


This doesn't apply to the current version (2.1-5), as it has had this
input sanitized in fixing a previous 2.1 bug.


 2) Input passed to the delfile or alias_file parameters in
index.php is not properly sanitised before being used to delete,
create or overwrite files. The delfile parameter can be exploited
to delete arbitrary files. The alias_file parameter can be
exploited to create or overwrite arbitrary files, but an attacker
cannot control what data will be written to them.


This does apply to the current version, and will be fixed in the next
version (2.1-6).


 Successful exploitation requires valid user credentials.


None of these is very serious, as all require a registered user to
exploit the hack.

Cameron



Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-22 Thread Cameron Dale

On 11/22/06, Stefan Fritsch [EMAIL PROTECTED] wrote:

thanks for looking into this. Unfortunately I think you are only
partially right. (On the other hand, I don't use torrentflux and
cannot install it ATM due to libphp-adodb brokenness, so I could be
wrong as well).


A new libphp-adodb is in the works. Should be available soon.


On Wednesday 22 November 2006 09:31, Cameron Dale wrote:
 On 11/18/06, Stefan Fritsch [EMAIL PROTECTED] wrote:
  1) Input passed to the kill parameter in index.php is not
  properly sanitised before being used as the command line argument
  to the kill command. This can be exploited to inject arbitrary
  shell commands via the ; character.

 This doesn't apply to the current version (2.1-5), as it has had
 this input sanitized in fixing a previous 2.1 bug.

As far as I can see, you only call htmlentities on the input. This is
not enough if you use the input in a command line that is passed to a
shell. For example the characters |;`$ have special meanings to the
shell and are not changed by htmlentities.


In fact, in the case we were discussing before (the kill parameter),
the new version will also only execute the kill command if $kill is a
numeric variable. So, if it wasn't fixed before then it will be now.


However, in the example above, the input is only passed to exec and
this does not seem to use a shell but executes the command directly.
So this doesn't seem to be exploitable here. On the other hand, there
are various exec()s of commands that are obviously meant to be
executed by a shell (with pipes or redirects). This doesn't really
make sense to me (but I am no php expert).

But I have found an instance where the input is passed to
shell_exec(). From metaInfo.php:

$result = shell_exec("cd " . $cfg["torrent_file_path"]."; " .
$cfg["pythonCmd"] . " -OO " . $cfg["btshowmetainfo"
]. " \"".$torrent."\"");

Here the input ($torrent) is wrapped in double quotes which is not
enough since the shell will interpret `command` even inside double
quotes. You should use escapeshellarg() on this.


Although what you are saying makes sense to me, I cannot use it to
cause a command to be executed. I have tried many combinations of
inputs to the $torrent variable (including using `command`), and none
of them has been successful. I can't say why it seems to catch these,
but it seems to, so I will leave it at that. If you (or anyone else)
can create a case where this is a security issue, please submit it as
a new bug.


 None of these is very serious, as all require a registered user to
 exploit the hack.

While this is true, the average admin would not expect that any
registered user can execute arbitrary commands or delete files. So
this definitely should be fixed before etch release.


Definitely, I was just trying to calm people's fears about this being
a globally accessible hack. It will of course be treated seriously,
and fixed as soon as possible.

Cameron



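The quoting point Stefan makes in the message above (double quotes do not stop backtick substitution, escapeshellarg() does) and the "../" check on the torrent parameter from the 11/30 message further up, as an added PHP example that is not TorrentFlux's own code: it builds the btshowmetainfo command from the thread in both forms without running either, and reports whether a command substitution sits where a POSIX shell would expand it. The $cfg values, has_unquoted_substitution() and hardened_torrent_name() are constructed for this example.

```php
<?php
// Added example (not TorrentFlux's own code). Builds, but never runs,
// the btshowmetainfo command quoted from metaInfo.php in the thread,
// once in its original double-quoted form and once with escapeshellarg(),
// and checks which form leaves a command substitution where the shell
// would expand it. The $cfg values and both helper functions are
// constructed for this example.

// Stand-ins for the $cfg entries named in the thread (constructed).
$cfg = array(
    'torrent_file_path' => '/var/cache/torrentflux/.torrents',
    'pythonCmd'         => '/usr/bin/python',
    'btshowmetainfo'    => '/usr/bin/btshowmetainfo',
);

// Original form: $torrent is only wrapped in double quotes, which a
// POSIX shell still scans for `...`, $(...) and $var.
function build_command_unsafe(array $cfg, $torrent)
{
    return "cd " . $cfg['torrent_file_path'] . "; "
        . $cfg['pythonCmd'] . " -OO " . $cfg['btshowmetainfo']
        . " \"" . $torrent . "\"";
}

// Hardened form: escapeshellarg() single-quotes each argument and
// escapes embedded single quotes, so every byte reaches the program
// literally.
function build_command_safe(array $cfg, $torrent)
{
    return "cd " . escapeshellarg($cfg['torrent_file_path']) . "; "
        . escapeshellarg($cfg['pythonCmd']) . " -OO "
        . escapeshellarg($cfg['btshowmetainfo']) . " "
        . escapeshellarg($torrent);
}

// True when a backtick or "$(" sits outside single quotes, i.e. where a
// POSIX shell would perform command substitution. Double quotes do not
// stop that, which is Stefan's point. A small scanner, not a full parser.
function has_unquoted_substitution($cmd)
{
    $in_single = false;
    $len = strlen($cmd);
    for ($i = 0; $i < $len; $i++) {
        $c = $cmd[$i];
        if ($in_single) {
            if ($c === "'") {
                $in_single = false;
            }
            continue;
        }
        if ($c === '\\') {           // backslash escapes the next byte
            $i++;
            continue;
        }
        if ($c === "'") {
            $in_single = true;
            continue;
        }
        if ($c === '`') {
            return true;
        }
        if ($c === '$' && $i + 1 < $len && $cmd[$i + 1] === '(') {
            return true;
        }
    }
    return false;
}

// Complementary check for details.php: accept only a bare file name, so
// a "../username/..." value is refused before it reaches the file system
// or a shell. Returns null for anything that is not a plain name.
function hardened_torrent_name($torrent)
{
    if ($torrent === '' || $torrent === '.' || $torrent === '..'
        || strpos($torrent, "\0") !== false
        || basename($torrent) !== $torrent) {
        return null;
    }
    return $torrent;
}

// Constructed input reusing the thread's harmless test payload.
$torrent = '`touch /tmp/hello`.torrent';

// htmlentities(), which getRequestVar() applies, leaves backticks alone.
printf("htmlentities() changes the value: %s\n",
    htmlentities($torrent, ENT_QUOTES) === $torrent ? 'no' : 'yes');
printf("unquoted substitution, original form:  %s\n",
    has_unquoted_substitution(build_command_unsafe($cfg, $torrent)) ? 'yes' : 'no');
printf("unquoted substitution, escapeshellarg: %s\n",
    has_unquoted_substitution(build_command_safe($cfg, $torrent)) ? 'yes' : 'no');
printf("traversal name accepted: %s\n",
    hardened_torrent_name('../camrdale/' . $torrent) === null ? 'no' : 'yes');
printf("plain name accepted:     %s\n",
    hardened_torrent_name('test.torrent') === null ? 'no' : 'yes');
```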

Bug#399174: libphp-adodb cannot be installed on unstable

2006-11-19 Thread Cameron Dale

tags 399174 + pending
thanks

On 11/19/06, Steve Langasek [EMAIL PROTECTED] wrote:

That bug submitter was misguided.  the phpapi virtual package is not
intended for use by apps written in php; please use the packages 'php4'
and/or 'php5' for this,


Thanks for the help Steve. I decided to go with php5 | php5-cli |
php4 | php4-cli, which I think covers all the bases.

Cameron



Bug#399174: libphp-adodb cannot be installed on unstable

2006-11-18 Thread Cameron Dale

Hi Steve,

I'm currently in the process of adopting this package, so I'm still a
little unfamiliar with it. Please bear with me.

On 11/18/06, Steve Langasek [EMAIL PROTECTED] wrote:

On Sat, Nov 18, 2006 at 10:14:49AM +0000, Richard Burton wrote:
 The following packages have unmet dependencies.
  libphp-adodb: Depends: phpapi-20050606 but it is not installable or
 phpapi-20051025 but it is not installable

Hrm, this package shouldn't be depending on phpapi in the first place, it's
an architecture: all package and the phpapi declarations refer to the binary
extension ABI...


The dependency on phpapi was inserted in response to bug #335380,
which suggested using phpapi as it is provided by all php clients. I
take it you are saying this is not the correct way to create this
dependency, but I can't see why not. Could you explain this to me, or
is there some documentation you could point me to that could explain
this?

Also, what method would you suggest using for this dependency,
something like php5-cgi | php5-cli | libapache2-mod-php5 |
libapache-mod-php5 | php4-cgi | php4-cli | libapache2-mod-php4 |
libapache-mod-php4, or is there a better way?

Thanks,
Cameron



Bug#398537: torrentflux: postinst fails: No mysql client to execute. (have you installed mysql-client?

2006-11-14 Thread Cameron Dale

severity 398537 wishlist
tags 398537 wontfix
thanks


On 11/14/06, Lucas Nussbaum [EMAIL PROTECTED] wrote:

During a piuparts run over all the packages in etch, I ran into a
problem with your package:


Unfortunately, torrentflux is not intended to be installed unattended
in the manner that piuparts does. The mysql-client dependency is
already there as a recommends, and so most people will get it when
doing a normal install through apt-get or aptitude.


In http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=353617#10:
  if you depend on dbconfig-common, then you also need to depend on
  the cmdline tools for the database types you support.  otherwise
  you'd have to install postgres clients and libraries even if you
  were packaging a mysql app and vice versa.


As I said, the dependency is there as a recommends. This is specified
this way, as the minimum packages needed for torrentflux to install
and run are given as depends. The reason for this is better explained
by this list mail:

http://lists.debian.org/debian-devel/2006/07/msg00927.html

So for torrentflux, mysql-server is a suggests because a local server
is not necessary as a remote mysql server could be available, and
mysql-client is a recommends as most will need it but some may choose
to not use the dbconfig-common method for database installation and
would rather prefer to install the database themselves
(dbconfig-common installation is not required, only recommended). This
second dependency also allows future expansion to PostgreSQL (which is
on the TODO list) by adding postgresql-client to the recommends as
both dbconfig-common and torrentflux support it.

I don't think this violates any debian policy that I'm aware of, or
makes the package unusable to most people. Therefore I have downgraded
the severity to wishlist and will leave this as wontfix for others to
see until such a time as a better solution is available or required.
If I've overlooked something about this, please let me know.

Cameron



Bug#395930: torrentflux: Directory traversal vulnerability

2006-10-28 Thread Cameron Dale
Package: torrentflux
Version: 2.1-4
Severity: grave
Tags: security, confirmed, pending
Justification: user security hole


Thanks to Stefan Fritsch for bringing this to my attention.
A fix has been prepared and will be uploaded shortly.

From http://www.securityfocus.com/bid/20771 :

TorrentFlux is prone to a directory-traversal vulnerability because the
application fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from the
vulnerable system in the context of the affected application. Information
obtained may aid attackers in further attacks.

TorrentFlux version 2.1 is reported vulnerable; other versions may be affected
as well.

From bugtraq email:

Dorkfire.com Security Advisory
Discovered By: vooduhal (at) gmail (dot) com [email concealed]
Type of problem: Directory Traversal
Software: TorrentFlux 2.1
Software Description: TorrentFlux is a FREE PHP based Torrent client
that runs on a web server. Manage all of your Torrent downloads
through a convenient web interface from anywhere.

Problem description:
The dir.php script doesn't properly sanitize path passed via the dir
GET variable and also doesn't confirm where it's currently creating a
directory list for.

Example:
http://target/torrentfluxroot/dir.php?dir=\.\./\.\./\.\./etc/
will produce a directory list of /etc/



-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-amd64-k8
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)

Versions of packages torrentflux depends on:
ii  bittornado0.3.17-1   bittorrent client with enhanced cu
ii  dbconfig-common   1.8.20 common framework for packaging dat
ii  debconf [debconf-2.0] 1.5.2  Debian configuration management sy
ii  libapache2-mod-php5   5.1.4-0.1  server-side, HTML-embedded scripti
ii  libphp-adodb  4.72-0.1   The 'adodb' database abstraction l
ii  php5-mysql5.1.4-0.1  MySQL module for php5
ii  python2.4.3-11   An interactive high-level object-o

Versions of packages torrentflux recommends:
ii  mysql-client  5.0.22-3   mysql database client (current ver
ii  mysql-client-5.0 [mysql-clien 5.0.22-3   mysql database client binaries



Bug#395099: CVE-2006-5451: several XSS vulnerabilities in torrentflux

2006-10-28 Thread Cameron Dale

tags 395099 + pending
thanks

Thanks again for the report. I've updated the code using patches based
on the beta release from the next upstream upgrade. This should be
uploaded very soon.

Cameron



Bug#391689: python-support: 0.5.3 doesn't always generate python dependencies (python-script-but-no-python-dep)

2006-10-08 Thread Cameron Dale
Package: python-support
Version: 0.5.3
Severity: serious
Justification: Policy 2.4 of the Python Policy


I filed a bug about this before (#383958), and it was fixed in 0.4.2. However, 
some time between 0.4.3 (which worked) and 0.5.2 (which doesn't) this change 
was removed (I just checked, and 0.5 worked fine, but 0.5.1 didn't). Using the 
recommended implementation of python-support again generates no python 
dependencies to be included in the Depends line.

Even though the changelog for 0.5.3 says:
   * dh_pysupport: always generate dependencies.
it also doesn't generate the correct dependencies.

Interestingly, the control file for my package (bittornado) is for 2 binary 
packages, bittornado and bittornado-gui. The ${python:Depends} for the first 
gets replaced with python-support (>= 0.2) which leads to the error, while
the second gets python. This seems strange too, as I think both should be
getting python, python-support (>= 0.2), but maybe because the second
depends on the first it doesn't include the python-support depend for that
one. I'll try to attach my control file to see if that helps explain it.

I felt the severity was justified, as dh_python is now deprecated in 
debhelper, so for users of python-support this is the only way to specify 
the python dependencies. If I've made a mistake somewhere, please let me 
know, as my package's latest version being included in Etch may be at stake.

You may also want to refer to these debian-python list threads:

http://lists.debian.org/debian-python/2006/08/msg00097.html
http://lists.debian.org/debian-python/2006/08/msg00100.html

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-amd64-k8
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)

Versions of packages python-support depends on:
ii  python2.4.3-11   An interactive high-level object-o

python-support recommends no packages.

-- no debconf information
Source: bittornado
Section: net
Priority: optional
Maintainer: Micah Anderson [EMAIL PROTECTED]
Uploaders: Cameron Dale [EMAIL PROTECTED]
Build-Depends: dpatch, debhelper (>= 5.0.37.2)
Build-Depends-Indep: python-dev, python-support (>= 0.4.2), docbook-to-man
Standards-Version: 3.7.2

Package: bittornado
Architecture: all
Depends: ${python:Depends}
Conflicts: bittorrent (<= 3.4.2-2)
Replaces: bittorrent
Suggests: bittornado-gui, python-psyco
Recommends: mime-support
Provides: python-bittornado
Description: bittorrent client with enhanced curses interface
 bittorrent is a tool for distributing files.  Whenever more than one
 person is downloading at once they send pieces of the file(s) to each
 other, thus relieving the central server's bandwidth burden. Even with
 many simultaneous downloads, the upload burden on the central server
 remains quite small, since each new downloader introduces new upload
 capacity. 
 .
 BitTornado is the next generation bittorrent client built on
 the original BitTorrent. This client features an enhanced
 console/curses mode, lots of new features under the hood, and is
 generally one of the most advanced clients out there. Get this if you
 need to limit your bandwidth, or you want more control of your
 torrents. It does everything the original bittorrent does, plus more...
 .
 This package only contains the curses interfaces, install the package
 bittornado-gui to get the GUI components
 .
 Homepage: http://bittornado.com

Package: bittornado-gui
Architecture: all
Depends: ${python:Depends}, bittornado (= ${Source-Version}), python-wxgtk2.6, 
python-wxversion
Conflicts: bittorrent (= 3.4.2-2), libfreetype6 (= 2.1.7-2.4)
Replaces: bittorrent
Suggests: python-psyco, python-wxgtk2.4
Recommends: mime-support
Description: bittorrent client with enhanced GUI interface
 bittorrent is a tool for distributing files. It's extremely easy to
 use - downloads are started by clicking on hyperlinks. Whenever more
 than one person is downloading at once they send pieces of the
 file(s) to each other, thus relieving the central server's bandwidth
 burden. Even with many simultaneous downloads, the upload burden on
 the central server remains quite small, since each new downloader
 introduces new upload capacity.
 . 
 BitTornado is the next generation bittorrent client built on
 the original BitTorrent. This client features an enhanced GUI, lots
 of new features under the hood, and is generally one of the most
 advanced clients out there. Get this if you need to limit your
 bandwidth, or you want more control of your torrents. It does
 everything the original bittorrent does, plus more...


Bug#383799: ImportError: No module named BitTornado

2006-08-19 Thread Cameron Dale

You beat me to it, Micah. :)

On 8/19/06, Micah Anderson [EMAIL PROTECTED] wrote:

I just updated all my packages in unstable to the latest, and I do not
experience this issue.


I also upgraded my packages in unstable to the latest, which included
installing python2.4 for the first time, and I had no problems with
bittornado afterwards. I also tried uninstalling python2.3 (still
worked fine), and then uninstalling and reinstalling bittornado with
only python2.4 present (still no problem).

Artur, what install order did you use? I assume something like: first
python2.3 (long ago), then bittornado (a while ago), then python2.4
(recently)? If that's the case you might try uninstalling/reinstalling
bittornado to see if it solves your problem. As Micah asked, the
output of dpkg -l python* might be helpful. Also, perhaps the output
of locate -e BitTornado.

Cameron Dale


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Bug#361521: torrentflux: The adodb folder is missing.

2006-04-08 Thread Cameron Dale
severity 361521 wishlist
retitle 361521 torrentflux: does not work with adodb in stable/sarge
tags 361521 sarge
thanks

Hi ryaner,

I've downgraded your bug, as it is related to an old distribution that
is not supported by this version of torrentflux. Read below for more info.

I don't have a good solution right now for getting torrentflux to work
with sarge, and I'm working on the upstream upgrade so I can't devote
any time to it right now. Perhaps in the future I will have more time
and we can work on this some more.

Ryaner said the following on 08/04/2006 1:48 PM:
 Main html bundle does not include the adodb folder
 required by Torrentflux. This leads to 2 warnings
 about being unable to open the adodb files and then
 the Fatal error when trying to open a DB connection.

 As TF has the folder values hardcoded, you will either
 need to update the values to point to the adodb
 package pulled in by dependencies or just include the
 adodb folder with the TF html bundle.

As Debian already includes adodb in the form of the libphp-adodb
package, I could not include the adodb bundle included with torrentflux.

The current version of libphp-adodb in testing/unstable (4.72) installs
the adodb files into /usr/share/php/adodb. As /usr/share/php is in the
include path of PHP, the hardcoded values that come with torrentflux
work perfectly.

The old version of libphp-adodb in stable/sarge (4.52) installs the
adodb files into /usr/share/adodb. They are not automatically included
in the PHP path. There is a note in the libphp-adodb README.debian,
indicating the proper method for adding the adodb files to the PHP
include path.

I'm not sure what to suggest to you to get torrentflux to work with
stable/sarge. You could try adding the adodb to the include path for
PHP, or moving the adodb to a subfolder of an already included path, or
adjusting the include values in torrentflux. None of these are great
solutions.

FYI, you may also have problems with the bittornado version that is in
stable. I haven't confirmed this, but I suspect torrentflux may need
version >=0.3.13 of bittornado. Let me know if the stable/sarge one does
work for you.

-- 
Cameron Dale
[EMAIL PROTECTED]





Bug#349985: various unfixed security bugs

2006-04-01 Thread Cameron Dale
Attached are the patches I have prepared that backport the fixes for
these vulnerabilities to the version in sarge (4.52-1).

-- 

Cameron Dale




Bug#358872: libphp-adodb: Multiple cross-site scripting (XSS) vulnerabilities

2006-04-01 Thread Cameron Dale
Attached is a patch I have prepared that backports the fix for this
vulnerability to the version in sarge (4.52-1).

-- 

Cameron Dale
diff -Nur libphp-adodb-4.52/build-tree/adodb/adodb-pager.inc.php 
libphp-adodb-4.52.new/build-tree/adodb/adodb-pager.inc.php
--- libphp-adodb-4.52/build-tree/adodb/adodb-pager.inc.php  2004-08-10 
01:26:22.0 -0700
+++ libphp-adodb-4.52.new/build-tree/adodb/adodb-pager.inc.php  2006-03-24 
15:52:38.0 -0800
@@ -60,7 +60,7 @@
global $HTTP_SERVER_VARS,$PHP_SELF,$HTTP_SESSION_VARS,$HTTP_GET_VARS;

$curr_page = $id.'_curr_page';
-   if (empty($PHP_SELF)) $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
+   if (empty($PHP_SELF)) $PHP_SELF = 
htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF']); // htmlspecialchars() to 
prevent XSS attacks

$this-sql = $sql;
$this-id = $id;
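Review bot: the `htmlspecialchars()` call on the `+` line that assigns `$PHP_SELF` uses the default flags, which encode double quotes but leave single quotes untouched; if the value is later written into a single-quoted attribute the escaping does not help. Suggest `htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES)` so both quote styles are covered. The trailing `// htmlspecialchars() to prevent XSS attacks` comment would read better on its own line above the statement.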
@@ -70,7 +70,7 @@
$next_page = $id.'_next_page';  

if (isset($HTTP_GET_VARS[$next_page])) {
-   $HTTP_SESSION_VARS[$curr_page] = 
$HTTP_GET_VARS[$next_page];
+   $HTTP_SESSION_VARS[$curr_page] = (integer) 
$HTTP_GET_VARS[$next_page];
}
if (empty($HTTP_SESSION_VARS[$curr_page])) 
$HTTP_SESSION_VARS[$curr_page] = 1; ## at first page
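Review bot: the `(integer)` cast on `$HTTP_GET_VARS[$next_page]` stops arbitrary strings from reaching the session, but negative numbers still pass: the `empty()` check on the following context line only resets a page of 0, so a value such as `-5` is stored as the current page. Suggest clamping at assignment time, e.g. `max(1, (integer) $HTTP_GET_VARS[$next_page])`, so the session never holds a page below 1.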

@@ -284,4 +284,4 @@
 }
 
 
-?
\ No newline at end of file
+?
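Review bot: the `\ No newline at end of file` change at the closing `?` tag is cosmetic and unrelated to the XSS fix. A minimal security backport for stable should leave it out so the diff contains only the functional change, or the changelog entry should mention it so the extra hunk does not puzzle the next reviewer.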




Bug#349985: various unfixed security bugs

2006-04-01 Thread Cameron Dale
Attached are the patches I have prepared that backport the fixes for
these vulnerabilities to the version in sarge (4.52-1).

They're really attached this time.

-- 

Cameron Dale
diff -Nur libphp-adodb-4.52/build-tree/adodb/server.php 
libphp-adodb-4.52.new/build-tree/adodb/server.php
--- libphp-adodb-4.52/build-tree/adodb/server.php   2004-07-06 
01:32:26.0 -0700
+++ libphp-adodb-4.52.new/build-tree/adodb/server.php   2006-03-24 
15:32:39.0 -0800
@@ -26,7 +26,7 @@
  * Define the IP address you want to accept requests from 
  * as a security measure. If blank we accept anyone promisciously!
  */
-$ACCEPTIP = '';
+$ACCEPTIP = '127.0.0.1';
 
 /*
  * Connection parameters
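Review bot: changing the shipped `$ACCEPTIP` default from `''` to `'127.0.0.1'` makes the file fail closed, which is the right direction, but the comment two lines above still only says that a blank value accepts anyone; it should also state that the default now restricts callers to loopback, so an administrator who copies this file knows that any remote client has to be listed explicitly.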
@@ -34,7 +34,7 @@
 $driver = 'mysql';
 $host = 'localhost'; // DSN for odbc
 $uid = 'root';
-$pwd = '';
+$pwd = 'garbage-it-is';
 $database = 'test';
 
 /* DO NOT MODIFY BELOW HERE 
=*/
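Review bot: `$pwd = 'garbage-it-is'` replaces an empty root password with a placeholder credential hard-coded in a shipped file, with `$uid` still `'root'`. A placeholder that is itself a usable password is no safer than blank on an installation that never edits it; prefer keeping the value empty and having the script refuse to connect (via the existing `err()` helper) when `$pwd === ''`, or at least annotate the line, in the `// DSN for odbc` comment style already used here, that it must be changed before use.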
@@ -67,13 +67,15 @@
 
 $remote = $HTTP_SERVER_VARS[REMOTE_ADDR]; 
  
-if (empty($HTTP_GET_VARS['sql'])) err('No SQL');
 
 if (!empty($ACCEPTIP))
  if ($remote != '127.0.0.1'  $remote != $ACCEPTIP) 
err(Unauthorised client: '$remote');
 
 
+if (empty($HTTP_GET_VARS['sql'])) err('No SQL');
+
+
 $conn = ADONewConnection($driver);
 
 if (!$conn-Connect($host,$uid,$pwd,$database)) err($conn-ErrorNo(). $sep . 
$conn-ErrorMsg());
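Review bot: moving the `No SQL` check below the client-address check is the correct ordering: an unauthorised client is now rejected before any of its input is examined, so it learns nothing about which parameters the endpoint expects. The hunk also adds two blank `+` lines where the check lands; one is enough to match the single-blank spacing around `$conn = ADONewConnection($driver);`.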
@@ -95,4 +97,4 @@
 } else
err($conn-ErrorNo(). $sep .$conn-ErrorMsg());
 
-?
\ No newline at end of file
+?
diff -Nur libphp-adodb-4.52/build-tree/adodb/tests/tmssql.php 
libphp-adodb-4.52.new/build-tree/adodb/tests/tmssql.php
--- libphp-adodb-4.52/build-tree/adodb/tests/tmssql.php 2003-04-15 
04:36:28.0 -0700
+++ libphp-adodb-4.52.new/build-tree/adodb/tests/tmssql.php 2006-03-24 
15:41:04.0 -0800
@@ -53,6 +53,16 @@
$rs = $conn-Execute('delete from tester');
print date=.$conn-GetOne('select getdate()').br;
 }
+
+
+$ACCEPTIP = '127.0.0.1';
+
+$remote = $HTTP_SERVER_VARS[REMOTE_ADDR];
+
+if (!empty($ACCEPTIP))
+ if ($remote != '127.0.0.1'  $remote != $ACCEPTIP)
+   die(Unauthorised client: '$remote');
+
 ?
 a href=tmssql.php?do=tmssqlmssql/a
 a href=tmssql.php?do=tpearpear/a
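Review bot: the address check added after the `print date=` line is copied from server.php and reads the long-array `$HTTP_SERVER_VARS`, while the next hunk in this same file reads `$_GET['do']`; use `$_SERVER['REMOTE_ADDR']` here so the file depends on one mechanism (with `register_long_arrays` off, `$HTTP_SERVER_VARS` is unset, `$remote` is empty, and the `die()` fires for every caller including the local one: safe, but hard to diagnose). Since this is a script under `tests/`, the packaging could also simply not install it where a web server can reach it, which removes the need for the guard.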
@@ -60,6 +70,11 @@
 ?php
 if (!empty($_GET['do'])) {
$do = $_GET['do'];
-   $do();
+   switch($do) {
+   case 'tpear':
+   case 'tadodb':
+   case 'tmssql':
+   $do();
+   }
 }
-?
\ No newline at end of file
+?
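Review bot: replacing the bare `$do()` call with a `switch` over the three known test functions is the right fix, since the removed line let the `do` query parameter select any function by name. The `switch` has no `default:` branch, so an unrecognised value is silently ignored; add something like `default: die('unknown test');` so a bad request is visible rather than indistinguishable from a successful no-op.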
diff -Nur libphp-adodb-4.52/build-tree/adodb/drivers/adodb-postgres64.inc.php 
libphp-adodb-4.52.new/build-tree/adodb/drivers/adodb-postgres64.inc.php
--- libphp-adodb-4.52/build-tree/adodb/drivers/adodb-postgres64.inc.php 
2004-08-10 01:26:27.0 -0700
+++ libphp-adodb-4.52.new/build-tree/adodb/drivers/adodb-postgres64.inc.php 
2006-03-24 15:49:22.0 -0800
@@ -214,7 +214,7 @@
return $ret;
}

-   /*
+   
// if magic quotes disabled, use pg_escape_string()
function qstr($s,$magic_quotes=false)
{
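Review bot: this hunk only removes the opening `/*`; it is valid solely together with the `@@ -232,7 +232,7 @@` hunk that removes the matching `*/`, and the file will not parse if either is applied without the other, so both belong in one commit and the changelog should say that the driver's own `qstr()` (which calls `pg_escape_string()`) is being re-enabled. The replacement `+` line is whitespace-only; drop the trailing whitespace rather than keep an empty indented line.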
@@ -223,7 +223,7 @@
return  '.pg_escape_string($s).';
}
if ($this-replaceQuote[0] == '\\'){
-   $s = 
adodb_str_replace(array('\\',\0),array('',\\\0),$s);
+   $s = 
adodb_str_replace(array('\\',\0),array('',000),$s);
}
return  
'.str_replace(',$this-replaceQuote,$s).'; 
}
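Review bot: the `-`/`+` pair that changes the `adodb_str_replace()` replacement for the NUL byte has lost backslashes and quote characters in transit (both lines read as `array('\\',\0),array('',...)` with the escape sequence garbled), so the new replacement value cannot be checked from this copy. Please re-send the patch as a proper attachment so the exact escape sequence can be verified against what `pg_escape_string()` expects.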
@@ -232,7 +232,7 @@
$s = str_replace('\\','',$s);
return '$s';
}
-   */
+   


// Format date column in sql string given an input format that 
understands Y M D
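Review bot: as with the opening `/*`, the `+` replacement for `*/` is a whitespace-only line and should be dropped entirely. Once both comment delimiters are gone, the `str_replace('\\','',$s); return '$s';` lines in the context above become live code on the magic-quotes path; confirm that this is intended and that the backported driver is exercised with magic quotes both on and off.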




Bug#358872: Processed: notfound 358872 in 4.72-0.1, found 358872 in 4.52-1

2006-03-25 Thread Cameron Dale
Debian Bug Tracking System wrote:
 Processing commands for [EMAIL PROTECTED]:
 
 # Automatically generated email from bts, devscripts version 2.9.15
 notfound 358872 4.72-0.1
 Bug#358872: libphp-adodb: Multiple cross-site scripting (XSS) vulnerabilities
 Bug marked as not found in version 4.72-0.1.
 
  # I assume; but not in the version that is claimed to fix it...
 found 358872 4.52-1
 Bug#358872: libphp-adodb: Multiple cross-site scripting (XSS) vulnerabilities
 Bug marked as found in version 4.52-1.
 
 End of message, stopping processing here.
 
 Please contact me if you need assistance.
 
 Debian bug tracking system administrator
 (administrator, Debian Bugs database)
 
 
 

Oops, looks like I submitted the bug on my locally created package
instead of the proper one. The current version in testing and unstable
(4.64-4) does suffer from this bug as well as the version in stable
(4.52-1).

Sorry.

-- 
Cameron Dale
[EMAIL PROTECTED]





Bug#358872: libphp-adodb: Multiple cross-site scripting (XSS) vulnerabilities

2006-03-24 Thread Cameron Dale
Package: libphp-adodb
Version: 4.72-0.1
Severity: grave
Tags: security
Justification: user security hole


Another vulnerability:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806

See also:

http://www.securityfocus.com/archive/1/archive/1/425393/100/0/threaded

It is fixed in 4.72:

http://sourceforge.net/project/shownotes.php?release_id=395252group_id=42718



-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-k7
Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1)

Versions of packages libphp-adodb depends on:
ii  debconf [debconf-2.0] 1.4.70 Debian configuration management sy
ii  libapache2-mod-php5 [phpapi-2 5.1.2-1server-side, HTML-embedded scripti
ii  php4-cgi [phpapi-20050606]4:4.4.2-1  server-side, HTML-embedded scripti
ii  php5-cli [phpapi-20051025]5.1.2-1command-line interpreter for the p

Versions of packages libphp-adodb recommends:
ii  php4-mysql4:4.4.2-1  MySQL module for php4
pn  php4-odbc | php5-odbc none (no description available)
ii  php4-pgsql4:4.4.2-1  PostgreSQL module for php4
pn  php4-sybase | php5-sybase none (no description available)
ii  php5-mysql5.1.2-1MySQL module for php5
ii  php5-pgsql5.1.2-1PostgreSQL module for php5

-- debconf information:
* libphp-adodb/pathmove:

