Package: courier-maildrop Version: 0.37.3-2.5 Severity: important The setuid bit on the /usr/bin/maildrop command is cleared after an upgrade. As a result, mail delivery is broken.
/var/log/mail/mail.err reports: ... 511 maildrop: Unable to change to home directory. This is related to bug-report #275615 This problem is servere on servers that are configured for automatic, unattended upgrades. One has to either disable automatic upgrades for this package (with the security risk that rise), or have mail-delivery broken until someone becomes aware of the problem and can fix it. The install script could maby check the suid-bit on the existing file, and set it on the upgraded file too (it _is_ required, and if it already is set, it is reasonable to assume that some admin will set it as soon as the mail-users starts to curse him ;) -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux mime 2.6.6ldpfw #1 Thu Aug 12 23:57:57 CEST 2004 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages courier-maildrop depends on: ii courier-mta [mail-tran 0.37.3-2.5 Mail Transport Agent of the Courie ii libc6 2.2.5-11.8 GNU C Library: Shared libraries an ii libgdbmg1 1.7.3-27 GNU dbm database routines (runtime ii libstdc++2.10-glibc2.2 1:2.95.4-11woody1 The GNU stdc++ library -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
