Axel Beckert wrote:
> Point taken. Will move that line (or an "fwsnort --ipt-flush") into a
> (to be created) prerm and do another QA upload. (Unless you're already
> onto it. Feel free to do that.)
Unfortunately "fwsnort --ipt-flush" only flushes the chains but does
not remove the chains:
#
Control: tag -1 + confirmed - moreinfo
Hi Adrian,
Adrian Bunk wrote:
> > > Tags: security
> >
> > I also disagree with this tag.
>
> messing up the iptables setup at an unexpected time can have bad
> consequences.
bad != security
> > > A case could be made for "fwsnort --ipt-flush" in
Processing control commands:
> tag -1 + confirmed - moreinfo
Bug #862485 [fwsnort] fwsnort mustn't set iptables rules when purged
Added tag(s) confirmed.
Bug #862485 [fwsnort] fwsnort mustn't set iptables rules when purged
Removed tag(s) moreinfo.
--
862485:
Processing control commands:
> severity -1 serious
Bug #862485 [fwsnort] fwsnort mustn't set iptables rules when purged
Severity set to 'serious' from 'important'
--
862485: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862485
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: severity -1 serious
On Sat, May 13, 2017 at 07:27:27PM +0200, Axel Beckert wrote:
> Control: tag -1 + moreinfo
> Control: severity -1 important
>
> Hi Adrian,
Hi Axel,
> Adrian Bunk wrote:
> > Severity: critical
>
> I think that's overly exaggerated.
>
> > Tags: security
>
> I also
Control: tag -1 + moreinfo
Control: severity -1 important
Hi Adrian,
Adrian Bunk wrote:
> Severity: critical
I think that's overly exaggerated.
> Tags: security
I also disagree with this tag.
> The #861999 fix adds the following on purging:
> grep -v FWSNORT /var/lib/fwsnort/fwsnort.save |
Processing control commands:
> tag -1 + moreinfo
Bug #862485 [fwsnort] fwsnort mustn't set iptables rules when purged
Added tag(s) moreinfo.
> severity -1 important
Bug #862485 [fwsnort] fwsnort mustn't set iptables rules when purged
Severity set to 'important' from 'critical'
--
862485:
Package: fwsnort
Version: 1.6.5-3
Severity: critical
Tags: security
The #861999 fix adds the following on purging:
grep -v FWSNORT /var/lib/fwsnort/fwsnort.save | iptables-restore
Imagine the following:
1. today I install fwsnort and try it
2. later today I uninstall it
3. 2 years later I
8 matches
Mail list logo