Package: leafnode
Version: 1.12.0-2
Severity: important

Hi,

After upgrading to bullseye, leafnode switched to systemd socket
activation. As a side effect, access control settings in
/etc/hosts.allow are no longer honored, and the service accepts
connections from everywhere.

According to README.Debian, the switch from inetd to systemd should not
happen automatically. For me, however, it did.

Reporting as important due to the security implications of having the
service suddenly open.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-11-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages leafnode depends on:
ii  debconf [debconf-2.0]  1.5.82
ii  libc6                  2.36-9+deb12u1
ii  libpcre2-8-0           10.42-1
ii  logrotate              3.21.0-1
ii  netbase                6.4

leafnode recommends no packages.

Versions of packages leafnode suggests:
pn  openbsd-inetd | inet-superserver  <none>
ii  perl                              5.36.0-7
pn  tcpd                              <none>
pn  update-inetd                      <none>

-- Configuration Files:
/etc/cron.d/leafnode changed [not included]
/etc/logcheck/ignore.d.paranoid/leafnode [Errno 13] Permission denied: '/etc/logcheck/ignore.d.paranoid/leafnode'
/etc/logcheck/ignore.d.server/leafnode [Errno 13] Permission denied: '/etc/logcheck/ignore.d.server/leafnode'
/etc/logcheck/ignore.d.workstation/leafnode [Errno 13] Permission denied: '/etc/logcheck/ignore.d.workstation/leafnode'
/etc/logcheck/violations.ignore.d/leafnode [Errno 13] Permission denied: '/etc/logcheck/violations.ignore.d/leafnode'
/etc/news/leafnode/do-fetch-news changed [not included]
/etc/news/leafnode/filters changed [not included]

-- debconf information excluded
