Your message dated Wed, 07 Jan 2009 01:02:04 +0000
with message-id <e1lkmo8-0002wj...@ries.debian.org>
and subject line Bug#510639: fixed in hal 0.5.11-7
has caused the Debian Bug report #510639,
regarding hal.conf.in needs augmenting for new D-Bus
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
510639: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510639
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: hal
Version: 0.5.11-6
Severity: serious
Justification: blocker for #503532 (CVE-2008-4311)
Tags: upstream
User: pkg-utopia-maintain...@lists.alioth.debian.org
Usertags: CVE-2008-4311
hal installs a D-Bus system policy file which doesn't allow
introspection, or the KillSwitch method used by NetworkManager. These
used to be allowed accidentally by a dbus-daemon bug, but with the
dbus-daemon currently in experimental (which is now targeted for lenny)
they will be denied.
https://bugs.freedesktop.org/show_bug.cgi?id=18985 provides a partial,
unreviewed patch. Some quick notes I made while rummaging through the
hal source tree:
org.freedesktop.Hal.SingletonAddon - emits methods (!?) which libhal receives
rfkill: org.freedesktop.Hal.Device.KillSwitch has SetPower/GetPower
dockstation: org.freedesktop.Hal.Device.DockStation has Undock
org.freedesktop.Hal.Device.Storage has CloseTray, Eject
org.freedesktop.Hal.Device.SystemPowerManagement has Suspend etc.
org.freedesktop.Hal.Device.WakeOnLan has GetEnabled, SetEnabled
LaptopPanel already covered
CPUFreq?
KeyboarBacklight?
LightSensor?
Storage.Removable?
AccessControl?
I don't know which of these should allow privileged or unprivileged
access. A conservative version would be to let root access them.
Regards from the Cambridge BSP,
Simon
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: hal
Source-Version: 0.5.11-7
We believe that the bug you reported is fixed in the latest version of
hal, which is due to be installed in the Debian FTP archive:
hal-doc_0.5.11-7_all.deb
to pool/main/h/hal/hal-doc_0.5.11-7_all.deb
hal_0.5.11-7.diff.gz
to pool/main/h/hal/hal_0.5.11-7.diff.gz
hal_0.5.11-7.dsc
to pool/main/h/hal/hal_0.5.11-7.dsc
hal_0.5.11-7_amd64.deb
to pool/main/h/hal/hal_0.5.11-7_amd64.deb
libhal-dev_0.5.11-7_amd64.deb
to pool/main/h/hal/libhal-dev_0.5.11-7_amd64.deb
libhal-storage-dev_0.5.11-7_amd64.deb
to pool/main/h/hal/libhal-storage-dev_0.5.11-7_amd64.deb
libhal-storage1_0.5.11-7_amd64.deb
to pool/main/h/hal/libhal-storage1_0.5.11-7_amd64.deb
libhal1_0.5.11-7_amd64.deb
to pool/main/h/hal/libhal1_0.5.11-7_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 510...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sjoerd Simons <sjo...@debian.org> (supplier of updated hal package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 07 Jan 2009 00:35:16 +0000
Source: hal
Binary: hal hal-doc libhal1 libhal-storage1 libhal-dev libhal-storage-dev
Architecture: source all amd64
Version: 0.5.11-7
Distribution: unstable
Urgency: high
Maintainer: Utopia Maintenance Team
<pkg-utopia-maintain...@lists.alioth.debian.org>
Changed-By: Sjoerd Simons <sjo...@debian.org>
Description:
hal - Hardware Abstraction Layer
hal-doc - Hardware Abstraction Layer - documentation
libhal-dev - Hardware Abstraction Layer - development files
libhal-storage-dev - Hardware Abstraction Layer - development files
libhal-storage1 - Hardware Abstraction Layer - shared library for storage
devices
libhal1 - Hardware Abstraction Layer - shared library
Closes: 510639
Changes:
hal (0.5.11-7) unstable; urgency=high
.
* debian/patches/71-hal.conf.in-qualify-all-send_interface-.-with-s.patch
- Added. Add send_destination to all rules using send_interface in the
D-Bus config
* debian/patches/72-Allow-anyone-to-introspect-the-hal-daemon-even-with.patch
- Added. Always allow D-Bus introspection
* debian/patches/73-Let-root-call-any-hal-method.patch
- Added. Allow the root user to use any HAL method. Needed to make
NetworkManager and powersaved work properly.
* debian/patches/74-powerdev.patch
- Added. Allow users in the powerdev group to clal methods on the CPUFreq,
WakeOnLan and Dockstation interface
* Thanks to Simon McVittie for preparing and testing the patches
* Makes HAL suitable for use with less permissive versions of D-Bus, like the
one intended to ship with lenny (Closes: #510639)
* Priority high as it fixes an RC bug
Checksums-Sha1:
452c415e6ce5b7671bfe86ba2c857fc32a13cf46 1618 hal_0.5.11-7.dsc
b1889fb66ed0c7713dd6222788bd4659ad98bd13 36297 hal_0.5.11-7.diff.gz
ef5c43ee653ed2175542f7e456af1651297b4a7e 672772 hal-doc_0.5.11-7_all.deb
f00cc3eab02bddab61d1fbd8db62f741ac6b4068 801692 hal_0.5.11-7_amd64.deb
ccb6e934ea133cc6e60efbb1c5da41cf55334703 448626 libhal1_0.5.11-7_amd64.deb
72948225122cb6f739b3169b6ce7a03acccb91c2 438496
libhal-storage1_0.5.11-7_amd64.deb
d996796fb4a413a595a49ec3a7866248106bb486 453462 libhal-dev_0.5.11-7_amd64.deb
01eb20f80fbe7f64c9832f161694aed5c4f95c78 439232
libhal-storage-dev_0.5.11-7_amd64.deb
Checksums-Sha256:
53fbc570c073440aba09d1555ee215c54746a9bf4c0654013a2ea26227b99349 1618
hal_0.5.11-7.dsc
a52629ced61c5dd783f4523e12b463d4f3c48675bafdbc38264a7c0a85ed3eec 36297
hal_0.5.11-7.diff.gz
53a9824d43622dd3b57fe7884244a390ad1a01b51234a195eb352e9a683ef69d 672772
hal-doc_0.5.11-7_all.deb
7782c3360248c43922e78d6ebe7911e31b497e9b755a423a65b3548a06bb710c 801692
hal_0.5.11-7_amd64.deb
2a011a5b1f2e578fa6e1fe4d0d80724e9d4ed03b4ee92a15d7e45d2080a601f2 448626
libhal1_0.5.11-7_amd64.deb
b336dbacf8c715c6774cca6519afdf15243ee1779275e00500a73c8c9c6b55ea 438496
libhal-storage1_0.5.11-7_amd64.deb
f3e7eecda90631d4f59e96b07da4928457776ce58322e6553cb8c1bb9bbd10e9 453462
libhal-dev_0.5.11-7_amd64.deb
a973e4c30d64dee7c17ef8d64db955da15381d8f3883075e557bd8e1f1a6fd02 439232
libhal-storage-dev_0.5.11-7_amd64.deb
Files:
f919ff61e8dd31c79a3a8ebf90d92571 1618 admin optional hal_0.5.11-7.dsc
fd1444cccd6c3df97221debab7352c2e 36297 admin optional hal_0.5.11-7.diff.gz
d1cdf2cf0cc74ae39092445b1c9894a4 672772 doc optional hal-doc_0.5.11-7_all.deb
378d85239495fc08e98ee27c7453d1c6 801692 admin optional hal_0.5.11-7_amd64.deb
059f07c1fdec3a4a2d84165c3e6821b6 448626 libs optional
libhal1_0.5.11-7_amd64.deb
b59aec1912b96e451cb76f6490465748 438496 libs optional
libhal-storage1_0.5.11-7_amd64.deb
ad4c32590ec42c7bdd377e2d465e6c7c 453462 libdevel optional
libhal-dev_0.5.11-7_amd64.deb
858f983441eed3ae54e1e6cf02edbf23 439232 libdevel optional
libhal-storage-dev_0.5.11-7_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAklj+qQACgkQgTd+SodosdILcwCfRCXk8gdr/KGTi0tRAtJfSWIM
NhQAn1mi2Q8IJV/2deQ0gJV79YN+s0jj
=EF2l
-----END PGP SIGNATURE-----
--- End Message ---
