Your message dated Sat, 02 Apr 2005 17:02:58 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#299922: fixed in mailscanner 4.40.11-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 17 Mar 2005 11:57:03 +0000
>From [EMAIL PROTECTED] Thu Mar 17 03:57:03 2005
Return-path: <[EMAIL PROTECTED]>
Received: from (feyerabend.lis.bremen.de) [134.102.64.25]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DBtcc-0002GS-00; Thu, 17 Mar 2005 03:57:03 -0800
Received: from wollie by feyerabend.lis.bremen.de with local (Exim 4.44)
id 1DBtL8-0000SO-Hl
for [EMAIL PROTECTED]; Thu, 17 Mar 2005 12:38:58 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Wolfgang Kohnen <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: mailscanner: lock/pid file location violates fhs
X-Mailer: reportbug 3.8
Date: Thu, 17 Mar 2005 12:38:58 +0100
Message-Id: <[EMAIL PROTECTED]>
X-lis.bremen.de-MailScanner: Found to be clean
X-MailScanner-From: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: mailscanner
Version: 4.38.10-1
Severity: serious
Justification: fhs
Hello,
with the default configuration, mailscanner uses /tmp as the directory
holding pid and lock files. Since these dirs are world writeable, this
is a security concern. It should use /var/run/mailscanner instead. I
think this bug should be fixed downstream and be reported upstream as
well.
Greetings,
Wollie
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages mailscanner depends on:
ii debconf 1.4.30.11 Debian configuration management sy
ii exim4 4.44-2 metapackage to ease exim MTA (v4)
ii exim4-daemon-heavy [mail-tran 4.44-2 exim MTA (v4) daemon with extended
ii libarchive-zip-perl 1.14-1 Module for manipulation of ZIP arc
ii libcompress-zlib-perl 1.34-1 Perl module for creation and manip
ii libconvert-binhex-perl 1.119-2 Perl5 module for extracting data f
ii libconvert-tnef-perl 0.17-4 Perl module to read TNEF files
ii libhtml-parser-perl 3.45-1 A collection of modules that parse
ii libmime-perl 5.417-1 Perl5 modules for MIME-compliant m
ii libnet-cidr-perl 0.10-1 Manipulate IPv4/IPv6 netblocks in
ii perl 5.8.4-6 Larry Wall's Practical Extraction
ii spamassassin 3.0.2-1 Perl-based spam filter using text
ii ucf 1.14 Update Configuration File: preserv
ii unzip 5.52-1 De-archiver for .zip files
ii wget 1.9.1-8 retrieves files from the web
-- debconf information:
mailscanner/v3_upgrade: Don't upgrade
---------------------------------------
Received: (at 299922-close) by bugs.debian.org; 2 Apr 2005 22:09:36 +0000
>From [EMAIL PROTECTED] Sat Apr 02 14:09:36 2005
Return-path: <[EMAIL PROTECTED]>
Received: from gluck.debian.org [192.25.206.10]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DHqoB-0007lB-00; Sat, 02 Apr 2005 14:09:36 -0800
Received: from newraff.debian.org [208.185.25.31] (mail)
by gluck.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DHqoB-0007tb-00; Sat, 02 Apr 2005 15:09:35 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DHqhm-0000j8-00; Sat, 02 Apr 2005 17:02:58 -0500
From: Matthias Klose <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#299922: fixed in mailscanner 4.40.11-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 02 Apr 2005 17:02:58 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 2
Source: mailscanner
Source-Version: 4.40.11-1
We believe that the bug you reported is fixed in the latest version of
mailscanner, which is due to be installed in the Debian FTP archive:
mailscanner_4.40.11-1.diff.gz
to pool/main/m/mailscanner/mailscanner_4.40.11-1.diff.gz
mailscanner_4.40.11-1.dsc
to pool/main/m/mailscanner/mailscanner_4.40.11-1.dsc
mailscanner_4.40.11-1_all.deb
to pool/main/m/mailscanner/mailscanner_4.40.11-1_all.deb
mailscanner_4.40.11.orig.tar.gz
to pool/main/m/mailscanner/mailscanner_4.40.11.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthias Klose <[EMAIL PROTECTED]> (supplier of updated mailscanner package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 2 Apr 2005 22:51:21 +0200
Source: mailscanner
Binary: mailscanner
Architecture: source all
Version: 4.40.11-1
Distribution: unstable
Urgency: medium
Maintainer: Matthias Klose <[EMAIL PROTECTED]>
Changed-By: Matthias Klose <[EMAIL PROTECTED]>
Description:
mailscanner - email virus scanner and spam tagger
Closes: 298779 299922
Changes:
mailscanner (4.40.11-1) unstable; urgency=medium
.
* New upstream version.
* Change default lock directory to /var/lock/subsys/MailScanner.
Closes: #299922.
* Add dependency on unrar.
* Add Czech translation of the debconf templates (closes: #298779).
Files:
86d00ba958b4c4ac3fc04d23bb1d9a6f 608 mail optional mailscanner_4.40.11-1.dsc
37b6faab2846f51f481aad4997559d98 1904322 mail optional
mailscanner_4.40.11.orig.tar.gz
50e4fdf808c29d5d055205bbaacb19de 28401 mail optional
mailscanner_4.40.11-1.diff.gz
1d3cdf9abed3d09261bf713daeac982c 1930070 mail optional
mailscanner_4.40.11-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCTxVYStlRaw+TLJwRAixLAJ9LwQR2q2F52fVSG+WXe4GLWzfbbwCgrLeo
3jzfr/ftDJtxnTzkdP2J+hI=
=+By+
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
