subject:"\[Touch\-packages\] \[Bug 1977689\] Re\: Wrong error msg\: \"state file \/var\/lib\/logrotate\/status is world\-readable\" although it is not"

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

2022-11-28 Thread Alessandro Ratti

My bad, it seems you have pushed  3.20.1-1ubuntu1 to Lunar and Kinetic after 
all.
When we can expect 3.20.1-1ubuntu1 released for Jammy?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to logrotate in Ubuntu.
https://bugs.launchpad.net/bugs/1977689

Title:
  Wrong error msg: "state file /var/lib/logrotate/status is world-
  readable" although it is not

Status in logrotate package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu 22.04
  logrotate 3.19.0-1ubuntu1.1

  Every hour, I receive this wrong message:

  Subject:  Cron >cd / && run-parts --report 
/etc/cron.hourly
  /etc/cron.hourly/logrotate:
  error: state file /var/lib/logrotate/status is world-readable and thus can be 
locked from other unprivileged users. Skipping lock acquisition...

  despite:

  # ls -al /var/lib/logrotate
  total 40
  drwxr-x---  2 root root  4096 Jun  5 17:17 .
  drwxr-xr-x 66 root root  4096 Jun  3 20:02 ..
  -rw-r-  1 root root 31974 Jun  5 17:17 status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1977689/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

2022-11-28 Thread Alessandro Ratti

Hello,

I think this commit [1] (3.17.0) introduced a security problem to which it was 
assigned CVE-2022-1348 [2].
They fixed it in [3] (3.20.0) and [4] (3.20.1).
Although I see you've pulled from debian/sid the patched version, I don't think 
you have ever pushed those patches to jammy/devel. 

May I request to release a package with the fix?

Thanks

[1]: 
https://github.com/logrotate/logrotate/commit/f46d0bdfc9c53515c13880c501f4d2e1e7dd8b25
[2]: https://github.com/advisories/GHSA-4c4j-w8hm-rjgv
[3]: 
https://github.com/logrotate/logrotate/commit/1f76a381e2caa0603ae3dbc51ed0f1aa0d6658b9
[4]: 
https://github.com/logrotate/logrotate/commit/addbd293242b0b78aa54f054e6c1d249451f137d

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1348

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to logrotate in Ubuntu.
https://bugs.launchpad.net/bugs/1977689

Title:
  Wrong error msg: "state file /var/lib/logrotate/status is world-
  readable" although it is not

Status in logrotate package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu 22.04
  logrotate 3.19.0-1ubuntu1.1

  Every hour, I receive this wrong message:

  Subject:  Cron >cd / && run-parts --report 
/etc/cron.hourly
  /etc/cron.hourly/logrotate:
  error: state file /var/lib/logrotate/status is world-readable and thus can be 
locked from other unprivileged users. Skipping lock acquisition...

  despite:

  # ls -al /var/lib/logrotate
  total 40
  drwxr-x---  2 root root  4096 Jun  5 17:17 .
  drwxr-xr-x 66 root root  4096 Jun  3 20:02 ..
  -rw-r-  1 root root 31974 Jun  5 17:17 status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1977689/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

2022-06-09 Thread Dominic Raferd

+1

I see the same after upgrading to Ubuntu 22.04. Two problems I think:
- it is not really an error since the file is *not* world-readable
- if the file was world-readable the message should I think say 'cannot', not 
'can'

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to logrotate in Ubuntu.
https://bugs.launchpad.net/bugs/1977689

Title:
  Wrong error msg: "state file /var/lib/logrotate/status is world-
  readable" although it is not

Status in logrotate package in Ubuntu:
  New

Bug description:
  Ubuntu 22.04
  logrotate 3.19.0-1ubuntu1.1

  Every hour, I receive this wrong message:

  Subject:  Cron >cd / && run-parts --report 
/etc/cron.hourly
  /etc/cron.hourly/logrotate:
  error: state file /var/lib/logrotate/status is world-readable and thus can be 
locked from other unprivileged users. Skipping lock acquisition...

  despite:

  # ls -al /var/lib/logrotate
  total 40
  drwxr-x---  2 root root  4096 Jun  5 17:17 .
  drwxr-xr-x 66 root root  4096 Jun  3 20:02 ..
  -rw-r-  1 root root 31974 Jun  5 17:17 status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1977689/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

[Touch-packages] [Bug 1977689] Re: Wrong error msg: "state file /var/lib/logrotate/status is world-readable" although it is not

3 matches

Site Navigation

Mail list logo

Footer information