libdrm_2.4.82-1_amd64.changes is NEW

[Debian FTP Masters]

binary:libdrm-common is NEW.
binary:libdrm-common is NEW.

Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are valid), so please be patient.

Packages are routinely processed through to the archive, and do feel
free to browse the NEW queue[1].

If there is an issue with the upload, you will receive an email from a
member of the ftpteam.

If you have any questions, you may reply to this email.

[1]: https://ftp-master.debian.org/new.html
 or https://ftp-master.debian.org/backports-new.html for *-backports

Processing of libdrm_2.4.82-1_amd64.changes

[Debian FTP Masters]

libdrm_2.4.82-1_amd64.changes uploaded successfully to localhost
along with the files:
  libdrm_2.4.82-1.dsc
  libdrm_2.4.82.orig.tar.gz
  libdrm_2.4.82-1.diff.gz
  libdrm-amdgpu1-dbgsym_2.4.82-1_amd64.deb
  libdrm-amdgpu1_2.4.82-1_amd64.deb
  libdrm-common_2.4.82-1_all.deb
  libdrm-dev_2.4.82-1_amd64.deb
  libdrm-intel1-dbgsym_2.4.82-1_amd64.deb
  libdrm-intel1_2.4.82-1_amd64.deb
  libdrm-nouveau2-dbgsym_2.4.82-1_amd64.deb
  libdrm-nouveau2_2.4.82-1_amd64.deb
  libdrm-radeon1-dbgsym_2.4.82-1_amd64.deb
  libdrm-radeon1_2.4.82-1_amd64.deb
  libdrm2-dbgsym_2.4.82-1_amd64.deb
  libdrm2-udeb_2.4.82-1_amd64.udeb
  libdrm2_2.4.82-1_amd64.deb
  libdrm_2.4.82-1_amd64.buildinfo

Greetings,

Your Debian queue daemon (running on host usper.debian.org)

libdrm: Changes to 'refs/tags/libdrm-2.4.82-1'

[Emilio Pozuelo Monfort]

Tag 'libdrm-2.4.82-1' created by Emilio Pozuelo Monfort  at 
2017-07-28 20:45 +

Tagging upload of libdrm 2.4.82-1 to unstable.
-BEGIN PGP SIGNATURE-

iQIzBAABCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAll7olIACgkQnUbEiOQ2
gwLVQhAAs9NH41BsgwZBBo4bKfW6wHPOzp04bJ+G0JQs5auVcjVoLvCR4P/zN9W/
L1BHuuEyKhrJA1TE2zfI9IeyvbSuWXmTFHbCDLU631QgrxZtH+WSoHPjus6mxD0m
ryXJtTA0swAy9NRtVGdo5Gd7OKdnofT4du4iwQNCQ7sxo88kBGMG6Mod4844+kgv
5RoKLCpbVRPNhAHVQYt8cXFmm/7NyIdgsKOvBsLW+4YC6U43dKusv/0/5jC8/Iop
uNb2yRSWlmtcrhZx2Crsu6t8EBgQ6zUfmwaqbufrx8eM6u4w8Dh2lSBz8Ryloo6r
aRe6xFNeov8m70ayTYKiADRNGHJiXKjPoq1cquX1Gm0hS1tB6Fveel70cEEJj/AM
Uu4yirVbFq1fluow/9ZG7ey9kQInTETQ8Rn/BOo5UtZH2FOb1QF6dGRK0opuWhRc
0Lp0f8UaKDlz8WO7U9R13vCglycxOGf8rW4KAuhvee06ZgChxSQUXrcUtszKG1VT
bnH9KJkVReOKF87VlMMOegXspE322rK2aB6+k1LCs8vGkKkxI7JJ9We6kBAkx/6s
8mrt96hZYGGgq+SelajxHuhW7spBS0ZMtuey++XmiT31dkxphZbB4qrdk+UsO/H1
CXae0EnLSnrkp26HCLzVb7spNEPaEpOHAHWIFZWlX7oAm16wgy8=
=gbOr
-END PGP SIGNATURE-

Changes since libdrm-2.4.81-2:
Anusha Srivatsa (3):
  intel: PCI Ids for S SKU in CFL
  intel: PCI Ids for H SKU in CFL
  intel: PCI Ids for U SKU in CFL

Ben Widawsky (1):
  intel/gen10: Add missed gen10 stuff

Christian Gmeiner (1):
  etnaviv: submit full struct drm_etnaviv_gem_submit

Dave Airlie (6):
  amdgpu: sync amdgpu_drm with kernel.
  drm: update drm.h to latest in drm-next.
  libdrm: add drm syncobj create/destroy/import/export
  drm/amdgpu: add syncobj create/destroy/import/export apis
  drm/amdgpu: add new low overhead command submission API. (v2)
  amdgpu: add new symbols to tests.

Elliott Hughes (1):
  Android's major/minor/makedev live in 

Emilio Pozuelo Monfort (8):
  Merge branch 'upstream-unstable' into debian-unstable
  New upstream release
  Add key from Lucas Stach
  Add libdrm-common package
  Add new symbols
  Bump shlibs for the libraries with new symbols
  Bump Standards-Version to 4.0.0
  Release to unstable

Eric Anholt (1):
  headers: Update drm_fourcc and vc4_drm.h with new VC4 tiling UAPI.

Eric Engestrom (2):
  headers: sync drm_fourcc.h with airlied/drm-next
  headers: sync drm_sarea.h with airlied/drm-next

Leo Liu (5):
  tests/amdgpu: rename uvd messages to decode messages
  tests/amdgpu: separate decode messages
  tests/amdgpu: move decode sum to common
  tests/amdgpu: add vcn tests support and sets
  tests/amdgpu: implement vcn dec unit tests

Lucas Stach (1):
  configure.ac: bump version for release

Michel Dänzer (2):
  tests/amdgpu: s/uvd_messages.h/decode_messages.h/ in Makefile.am
  amdgpu: Add .editorconfig file for amdgpu coding style

Paulo Zanoni (1):
  intel: add GEN10 to IS_9XX.

Rob Herring (1):
  Android: fix missing trailing \

Rodrigo Vivi (3):
  intel: Add Cannonlake PCI IDs for U-skus.
  intel: Add Cannonlake PCI IDs for Y-skus.
  intel/intel_chipset: Move IS_9XX below IS_GEN10.

Tom St Denis (1):
  tests/amdgpu: Fix device_id option

Xiaojie Yuan (1):
  amdgpu: move asic id table to a separate file

coypu (1):
  Remove redundant memclear

---
 Android.common.mk   |1 
 Makefile.am |1 
 amdgpu/.editorconfig|9 
 amdgpu/Makefile.am  |7 
 amdgpu/Makefile.sources |2 
 amdgpu/amdgpu-symbol-check  |7 
 amdgpu/amdgpu.h |   85 +++-
 amdgpu/amdgpu_asic_id.c |  219 ++
 amdgpu/amdgpu_asic_id.h |  165 ---
 amdgpu/amdgpu_cs.c  |   85 
 amdgpu/amdgpu_device.c  |   28 -
 amdgpu/amdgpu_internal.h|   10 
 configure.ac|6 
 data/Makefile.am|   23 +
 data/amdgpu.ids |  159 +++
 debian/changelog|   11 
 debian/control  |   18 
 debian/libdrm-amdgpu1.symbols   |7 
 debian/libdrm-common.install|1 
 debian/libdrm2.symbols  |6 
 debian/rules|4 
 debian/upstream/signing-key.asc |   45 ++
 etnaviv/etnaviv_cmd_stream.c|8 
 include/drm/amdgpu_drm.h|   54 ++
 include/drm/drm.h   |   26 +
 include/drm/drm_fourcc.h|  147 ++
 include/drm/drm_sarea.h |8 
 include/drm/vc4_drm.h   |   22 -
 intel/intel_bufmgr_gem.c|2 
 intel/intel_chipset.h   |   65 ++-
 intel/intel_decode.c|4 
 tests/amdgpu/Makefile.am|5 
 tests/amdgpu/amdgpu_test.c  |   24 -
 tests/amdgpu/amdgpu_test.h  |   15 
 tests/amdgpu/cs_tests.c |7 
 tests/amdgpu/decode_messages.h  |  848 
 tests/amdgpu/uvd_messages.h |  813 --
 tests/amdgpu/vcn_tests.c|  410 +++
 xf86drm.c   |   83 +++
 xf86drm.h   |8 
 40 files changed, 2426 

libdrm: Changes to 'debian-unstable'

[Emilio Pozuelo Monfort]

 debian/changelog |6 --
 debian/control   |2 +-
 debian/rules |4 ++--
 3 files changed, 7 insertions(+), 5 deletions(-)

New commits:
commit fc3d4a6ecc5435f07b9408249042d61f667487ba
Author: Emilio Pozuelo Monfort 
Date:   Fri Jul 28 22:40:23 2017 +0200

Release to unstable

diff --git a/debian/changelog b/debian/changelog
index 56040ae..cc110bc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-libdrm (2.4.82-1) UNRELEASED; urgency=medium
+libdrm (2.4.82-1) unstable; urgency=medium
 
   * New upstream release.
   * debian/upstream/signing-key.asc: add key from Lucas Stach.
@@ -7,7 +7,7 @@ libdrm (2.4.82-1) UNRELEASED; urgency=medium
   * debian/rules: Bump shlibs for the libraries with new symbols.
   * debian/control: Bump Standards-Version to 4.0.0; no changes needed.
 
- -- Emilio Pozuelo Monfort   Wed, 26 Jul 2017 19:18:06 +0200
+ -- Emilio Pozuelo Monfort   Fri, 28 Jul 2017 22:40:20 +0200
 
 libdrm (2.4.81-2) unstable; urgency=medium
 

commit a212996b7db9074c71993ff3796770f29c93638f
Author: Emilio Pozuelo Monfort 
Date:   Fri Jul 28 22:40:12 2017 +0200

Bump Standards-Version to 4.0.0

diff --git a/debian/changelog b/debian/changelog
index 0ceeab8..56040ae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ libdrm (2.4.82-1) UNRELEASED; urgency=medium
   * Add libdrm-common package for new data files.
   * debian/*.symbols: add new symbols.
   * debian/rules: Bump shlibs for the libraries with new symbols.
+  * debian/control: Bump Standards-Version to 4.0.0; no changes needed.
 
  -- Emilio Pozuelo Monfort   Wed, 26 Jul 2017 19:18:06 +0200
 
diff --git a/debian/control b/debian/control
index 5466d8d..3777fcc 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends:
  libpciaccess-dev,
  valgrind [amd64 armhf i386 mips mipsel powerpc s390x],
  libbsd-dev [kfreebsd-any],
-Standards-Version: 3.9.8
+Standards-Version: 4.0.0
 Section: libs
 Vcs-Git: https://anonscm.debian.org/git/pkg-xorg/lib/libdrm.git
 Vcs-Browser: https://anonscm.debian.org/cgit/pkg-xorg/lib/libdrm.git

commit b8299f5d1ec3b8f990fcbfbf14feca65681e98c1
Author: Emilio Pozuelo Monfort 
Date:   Fri Jul 28 22:38:39 2017 +0200

Bump shlibs for the libraries with new symbols

diff --git a/debian/changelog b/debian/changelog
index 832c067..0ceeab8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ libdrm (2.4.82-1) UNRELEASED; urgency=medium
   * debian/upstream/signing-key.asc: add key from Lucas Stach.
   * Add libdrm-common package for new data files.
   * debian/*.symbols: add new symbols.
+  * debian/rules: Bump shlibs for the libraries with new symbols.
 
  -- Emilio Pozuelo Monfort   Wed, 26 Jul 2017 19:18:06 +0200
 
diff --git a/debian/rules b/debian/rules
index bf130d6..fecf6e4 100755
--- a/debian/rules
+++ b/debian/rules
@@ -100,7 +100,7 @@ override_dh_install:
dh_install --fail-missing
 
 override_dh_makeshlibs:
-   dh_makeshlibs -plibdrm2 -V'libdrm2 (>= 2.4.81)' --add-udeb=libdrm2-udeb 
-- -c4
+   dh_makeshlibs -plibdrm2 -V'libdrm2 (>= 2.4.82)' --add-udeb=libdrm2-udeb 
-- -c4
 ifeq ($(INTEL), yes)
dh_makeshlibs -plibdrm-intel1 -V'libdrm-intel1 (>= 2.4.75)' -- -c4
 endif
@@ -108,7 +108,7 @@ ifeq ($(NOUVEAU), yes)
dh_makeshlibs -plibdrm-nouveau2 -V'libdrm-nouveau2 (>= 2.4.66)' -- -c4
 endif
dh_makeshlibs -plibdrm-radeon1 -V'libdrm-radeon1 (>= 2.4.39)' -- -c4
-   dh_makeshlibs -plibdrm-amdgpu1 -V'libdrm-amdgpu1 (>= 2.4.81)' -- -c4
+   dh_makeshlibs -plibdrm-amdgpu1 -V'libdrm-amdgpu1 (>= 2.4.82)' -- -c4
 ifeq ($(ARM), yes)
dh_makeshlibs -plibdrm-omap1 -V'libdrm-omap1 (>= 2.4.38)' -- -c4
dh_makeshlibs -plibdrm-exynos1 -V'libdrm-exynos1 (>= 2.4.66)' -- -c4

Bug#869773: xdm logs failed logins that may be sensitive

[Nicolas George]

Le decadi 10 thermidor, an CCXXV, Julien Cristau a écrit :
> Isn't that true pretty much whichever way you log in (ssh, login, ...),
> not just xdm?

Probably. I just noticed it and verified it on xdm. If other login
prompts have the same issue, a common solution may be better.

Note that with ssh, there is no login prompt, normally.

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature

Bug#870006: xserver-xorg: X60 libreboot Xorg hangs reproducibly after upgrade to stretch

[Michael Kesper]

Package: xserver-xorg
Version: 1:7.7+19
Severity: important

Dear Maintainer,

After upgrading to Stretch, X stopped working.

- Encrpytion password can be entered
- Rescue mode can be started successfully
- After trying to start graphical mode screen always stays black with a 
non-blinking cursor in top left position
- External screens get no signal, either
- Internal keyboard is completely dead
- MagicSysRq works via external keyboard, switching of consoles is not possible
- Installed newest libreboot, no change of behaviour

-- Package-specific info:
/etc/X11/X does not exist.
/etc/X11/X is not a symlink.
/etc/X11/X is not executable.

VGA-compatible devices on PCI bus:
--
00:02.0 VGA compatible controller [0300]: Intel Corporation Mobile 945GM/GMS, 
943/940GML Express Integrated Graphics Controller [8086:27a2] (rev 03)

/etc/X11/xorg.conf does not exist.

/etc/X11/xorg.conf.d does not exist.

/etc/modprobe.d contains no KMS configuration files.

Kernel version (/proc/version):
---
Linux version 4.9.0-3-686-pae (debian-ker...@lists.debian.org) (gcc version 
6.3.0 20170516 (Debian 6.3.0-18) ) #1 SMP Debian 4.9.30-2+deb9u2 (2017-06-26)

Xorg X server log files on system:
--
-rw-r--r-- 1 root root 24551 Jul 28 20:55 /var/log/Xorg.0.log

Contents of most recent Xorg X server log file (/var/log/Xorg.0.log):
-
[14.934] 
X.Org X Server 1.19.2
Release Date: 2017-03-02
[14.934] X Protocol Version 11, Revision 0
[14.934] Build Operating System: Linux 4.9.0-3-amd64 i686 Debian
[14.934] Current Operating System: Linux Three 4.9.0-3-686-pae #1 SMP 
Debian 4.9.30-2+deb9u2 (2017-06-26) i686
[14.934] Kernel command line: BOOT_IMAGE=/vmlinuz-4.9.0-3-686-pae 
root=/dev/mapper/Three--vg-root ro initrd=/install/initrd.gz quiet
[14.934] Build Date: 07 July 2017  06:13:53AM
[14.934] xorg-server 2:1.19.2-1+deb9u1 (https://www.debian.org/support) 
[14.934] Current version of pixman: 0.34.0
[14.934]Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[14.934] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[14.934] (==) Log file: "/var/log/Xorg.0.log", Time: Fri Jul 28 20:55:24 
2017
[14.942] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[14.960] (==) No Layout section.  Using the first Screen section.
[14.960] (==) No screen section available. Using defaults.
[14.960] (**) |-->Screen "Default Screen Section" (0)
[14.960] (**) |   |-->Monitor ""
[14.968] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[14.968] (==) Automatically adding devices
[14.968] (==) Automatically enabling devices
[14.968] (==) Automatically adding GPU devices
[14.968] (==) Max clients allowed: 256, resource mask: 0x1f
[14.995] (WW) The directory "/usr/share/fonts/X11/cyrillic" does not exist.
[14.995]Entry deleted from font path.
[15.008] (==) FontPath set to:
/usr/share/fonts/X11/misc,
/usr/share/fonts/X11/100dpi/:unscaled,
/usr/share/fonts/X11/75dpi/:unscaled,
/usr/share/fonts/X11/Type1,
/usr/share/fonts/X11/100dpi,
/usr/share/fonts/X11/75dpi,
built-ins
[15.008] (==) ModulePath set to "/usr/lib/xorg/modules"
[15.008] (II) The server relies on udev to provide the list of input 
devices.
If no devices become available, reconfigure udev or disable 
AutoAddDevices.
[15.009] (II) Loader magic: 0x80367720
[15.009] (II) Module ABI versions:
[15.009]X.Org ANSI C Emulation: 0.4
[15.009]X.Org Video Driver: 23.0
[15.009]X.Org XInput driver : 24.1
[15.009]X.Org Server Extension : 10.0
[15.010] (++) using VT number 7

[15.010] (II) systemd-logind: logind integration requires -keeptty and 
-keeptty was not provided, disabling logind integration
[15.011] (II) xfree86: Adding drm device (/dev/dri/card0)
[15.023] (--) PCI:*(0:0:2:0) 8086:27a2:17aa:201a rev 3, Mem @ 
0xe430/524288, 0xd000/268435456, 0xe440/262144, I/O @ 0x50b0/8, 
BIOS @ 0x/131072
[15.024] (--) PCI: (0:0:2:1) 8086:27a6:17aa:201a rev 3, Mem @ 
0xe438/524288
[15.025] (II) LoadModule: "glx"
[15.028] (II) Loading /usr/lib/xorg/modules/extensions/libglx.so
[15.101] (II) Module glx: vendor="X.Org Foundation"
[15.101]compiled for 1.19.2, module version = 1.0.0
[15.101]ABI class: X.Org Server Extension, version 10.0
[15.101] (==) Matched intel as autoconfigured driver 0
[15.101] (==) Matched intel as autoconfigured driver 1
[15.101] (==) Matched modesetting as 

Bug#869773: xdm logs failed logins that may be sensitive

[Julien Cristau]

On Fri, Jul 28, 2017 at 21:06:47 +0200, Sven Joachim wrote:

> The unknown username should not be in the log, login(1) replaces names
> of non-existent users with "UNKNOWN" when logging failed attempts.
> 
How about this then (not even build tested):

diff --git a/greeter/greet.c b/greeter/greet.c
index 9b5cef4..ba4b3da 100644
--- a/greeter/greet.c
+++ b/greeter/greet.c
@@ -405,6 +405,9 @@ static void
 FailedLogin (struct display *d, const char *username)
 {
 #ifdef USE_SYSLOG
+if (!getpwnam(username))
+   username = "unknown user";
+
 if (username == NULL)
username = "username unavailable";
 

Cheers,
Julien

Bug#869773: xdm logs failed logins that may be sensitive

[Sven Joachim]

On 2017-07-28 20:49 +0200, Julien Cristau wrote:

> On Wed, Jul 26, 2017 at 11:51:10 +0200, Nicolas George wrote:
>
>> Package: xdm
>> Version: 1:1.1.11-3
>> Severity: normal
>> 
>> Dear Maintainer,
>> 
>> When somebody tries to log in and fails, xdm writes the given user name in
>> the system logs. Unfortunately, typing the password in the login field is a
>> common mistake. When that happens, xdm logs it too. That leaves the
>> password of an user in clear in the system logs. It is not very
>> important, but still a little security concern since normally passwords
>> are stored permanently on the system only in hashed form.
>> 
>> The corresponding log line looks like this:
>> 
>> Jul 26 11:32:31 hellroy xdm[1004]: LOGIN FAILURE ON :0, XXX
>> 
>> (I have redacted the login that was actually a password.)
>> 
>> It may be better to not log it at all, or maybe only log it when it matches
>> an actual login name.
>> 
> Isn't that true pretty much whichever way you log in (ssh, login, ...),
> not just xdm?

The unknown username should not be in the log, login(1) replaces names
of non-existent users with "UNKNOWN" when logging failed attempts.

Cheers,
   Sven

Bug#869773: xdm logs failed logins that may be sensitive

[Julien Cristau]

On Wed, Jul 26, 2017 at 11:51:10 +0200, Nicolas George wrote:

> Package: xdm
> Version: 1:1.1.11-3
> Severity: normal
> 
> Dear Maintainer,
> 
> When somebody tries to log in and fails, xdm writes the given user name in
> the system logs. Unfortunately, typing the password in the login field is a
> common mistake. When that happens, xdm logs it too. That leaves the
> password of an user in clear in the system logs. It is not very
> important, but still a little security concern since normally passwords
> are stored permanently on the system only in hashed form.
> 
> The corresponding log line looks like this:
> 
> Jul 26 11:32:31 hellroy xdm[1004]: LOGIN FAILURE ON :0, XXX
> 
> (I have redacted the login that was actually a password.)
> 
> It may be better to not log it at all, or maybe only log it when it matches
> an actual login name.
> 
Isn't that true pretty much whichever way you log in (ssh, login, ...),
not just xdm?

Cheers,
Julien

Processed: Re: Bug#866031: xserver-xorg-input-synaptics: Breaks xserver-xorg-input-libinput on jessie → stretch upgrade

[Debian Bug Tracking System]

Processing control commands:

> tag -1 - l10n
Bug #866031 [xserver-xorg-input-synaptics] xserver-xorg-input-synaptics: Breaks 
xserver-xorg-input-libinput on jessie → stretch upgrade
Removed tag(s) l10n.

-- 
866031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#866031: xserver-xorg-input-synaptics: Breaks xserver-xorg-input-libinput on jessie → stretch upgrade

[Julien Cristau]

Control: tag -1 - l10n

On Mon, Jun 26, 2017 at 19:29:49 +0100, Conrad Hughes wrote:

> Package: xserver-xorg-input-synaptics
> Version: 1.9.0-1+b1
> Severity: normal
> Tags: l10n
> 
> Dear Maintainer,
> 
> I've just upgraded from jessie to stretch on a laptop with a "SynPS/2 
> Synaptics
> TouchPad" (/proc/bus/input/devices).  After upgrading, tap-to-click no longer
> worked, and I had to use physical buttons for pointer clicks; further, under
> Mouse & Touchpad settings, the only options were primary button, mouse speed
> and natural scrolling: no option to enable tap-to-click.  Various sites
> suggested various remedies (including Gnome Tweak Tool, which didn't work), 
> but
> the solution that worked for me was to uninstall/purge xserver-xorg-input-
> synaptics: with that gone, after logging out and in, I had a much longer list
> of Mouse & Touchpad settings, including tap-to-click.
> 
> It seems that xserver-xorg-input-synaptics sabotages xserver-xorg-input-
> libinput.  From some sources I understand that -synaptics may be obsolete and
> -libinput the future; if so then perhaps the upgrade process is at fault, as I
> had both of these installed after the stretch upgrade.
> 
Turns out, as far as I remember, gnome in stretch breaks if you don't
use -libinput, but other desktops break if you don't use -synaptics.
The game is rigged, you lose every time.  :(

Cheers,
Julien

Bug#869773: xdm logs failed logins that may be sensitive

[G. Branden Robinson]

At 2017-07-26T11:51:10+0200, Nicolas George wrote:
> Package: xdm
> Version: 1:1.1.11-3
> Severity: normal
> 
> Dear Maintainer,
> 
> When somebody tries to log in and fails, xdm writes the given user name in
> the system logs. Unfortunately, typing the password in the login field is a
> common mistake. When that happens, xdm logs it too. That leaves the
> password of an user in clear in the system logs. It is not very
> important, but still a little security concern since normally passwords
> are stored permanently on the system only in hashed form.
> 
> The corresponding log line looks like this:
> 
> Jul 26 11:32:31 hellroy xdm[1004]: LOGIN FAILURE ON :0, XXX
> 
> (I have redacted the login that was actually a password.)
> 
> It may be better to not log it at all, or maybe only log it when it matches
> an actual login name.

Hmm, yes, that's bad.

Here's a quick-and-dirty, untested patch.  I didn't even compile-test it
because I can't get stock xdm to build on my Debian Stretch system.  The
xdm codebase is choked with bad style (unused results, discarded
qualifiers) that causes the compile to bomb long before it gets to
greet.c.

"Somebody should do something about that," he said, peering around a
corner into a mirror.

Regards,
Branden
--- xdm-1.1.11/greeter/greet.c.orig	2017-07-28 14:20:44.649055209 -0400
+++ xdm-1.1.11/greeter/greet.c	2017-07-28 14:21:09.812798680 -0400
@@ -405,12 +405,9 @@
 FailedLogin (struct display *d, const char *username)
 {
 #ifdef USE_SYSLOG
-if (username == NULL)
-	username = "username unavailable";
-
 syslog(LOG_AUTHPRIV|LOG_NOTICE,
-	   "LOGIN FAILURE ON %s, %s",
-	   d->name, username);
+	   "LOGIN FAILURE ON %s",
+	   d->name);
 #endif
 DrawFail (login);
 }


signature.asc
Description: PGP signature

Re: Info over uw diensten

[Daphne Winants]

Beste,

Waarschijnlijk is onderstaande e-mail u even ontsnapt, u mag mij gerust 
doorverwijzen naar een collega, ik vond ondertussen de naam van jullie 
zaakvoerder niet echt terug, zou dit een goeie ingang zijn?

Met vriendelijke groeten,

Daphne Winants
+32 2 669 90 60