Your message dated Sat, 19 Dec 2009 19:47:07 +0000
with message-id <e1nm5gd-0001kh...@ries.debian.org>
and subject line Bug#544664: fixed in dma 0.0.2009.07.17-3
has caused the Debian Bug report #544664,
regarding dma: auth.conf is readable by all users
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
544664: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544664
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dma
Version: 0.0.2009.07.17-2
Severity: normal
Hi,
the file /etc/dma/auth.conf is world readable after installation:
$ ls -la /etc/dma/auth.conf
-rw-r--r-- 1 root root 186 Sep 1 21:57 /etc/dma/auth.conf
While this file doesn't contain any secrets after installation, it is
intended to be filled with passwords by the user. So it should not be not
world readable by default.
Regards,
Tino
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.31-rc5-00034-ga33a052-dirty (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dma depends on:
ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy
ii libc6 2.9-23 GNU C Library: Shared libraries
ii liblockfile1 1.08-3 NFS-safe locking library, includes
ii libssl0.9.8 0.9.8k-3 SSL shared libraries
Versions of packages dma recommends:
ii safecat 1.12-1 safely copy stdin to a file
dma suggests no packages.
-- debconf information:
* dma/relayhost: mail.example.com
* dma/dbounceprog: dbounce-simple-safecat
* dma/mailname: x61.home
--- End Message ---
--- Begin Message ---
Source: dma
Source-Version: 0.0.2009.07.17-3
We believe that the bug you reported is fixed in the latest version of
dma, which is due to be installed in the Debian FTP archive:
dma_0.0.2009.07.17-3.debian.tar.gz
to main/d/dma/dma_0.0.2009.07.17-3.debian.tar.gz
dma_0.0.2009.07.17-3.dsc
to main/d/dma/dma_0.0.2009.07.17-3.dsc
dma_0.0.2009.07.17-3_i386.deb
to main/d/dma/dma_0.0.2009.07.17-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 544...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Peter Pentchev <r...@ringlet.net> (supplier of updated dma package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 19 Dec 2009 14:35:10 +0200
Source: dma
Binary: dma
Architecture: source i386
Version: 0.0.2009.07.17-3
Distribution: unstable
Urgency: low
Maintainer: Peter Pentchev <r...@ringlet.net>
Changed-By: Peter Pentchev <r...@ringlet.net>
Description:
dma - lightweight mail transport agent
Closes: 544663 544664 547594 552586 552754 554515 558421
Changes:
dma (0.0.2009.07.17-3) unstable; urgency=low
.
* Really install the files in /etc/dma/ as root/mail/640 and
change the ownership of the existing files in the postinst script
when upgrading from older versions. Closes: #544664
* Install the /usr/bin/mailq and /usr/bin/newaliases symlinks.
Closes: #558421
* Switch to the 3.0 (quilt) source format.
* Update the debconf translations:
- add German. Closes: #552754
- add Japanese. Closes: #554515
- remove a double space and unfuzzy the translations. Closes: #552586
* Fix a crash when the SMTP server does not support STARTTLS.
Closes: #547594
* Always use the user-supplied value from the debconf query for
the smarthost and the double-bounce program. This may result in
debconf overriding a manually-edited config file, so add a note to
dma.conf stating that these values are handled via debconf.
Closes: #544663
* Fix a misspelling of dma/dbounceprog as dma/defer in the debconf
configuration script. Oops.
Checksums-Sha1:
111fc7b20361f19131859f372866347318bf04bd 1943 dma_0.0.2009.07.17-3.dsc
19222e29d079a6342e85f9f663a47b7c4ce1d884 27025
dma_0.0.2009.07.17-3.debian.tar.gz
d8306a8235b7cb404708c16aa481362ffc1b1c97 43868 dma_0.0.2009.07.17-3_i386.deb
Checksums-Sha256:
ed222ddd8998eaba1e234eec6cd51a434012373bded23edbe957449ebc39ef6d 1943
dma_0.0.2009.07.17-3.dsc
62b5f9992a7c2ec8ab06984c15c09aa97cb7605a07a987300ca4c75bce523771 27025
dma_0.0.2009.07.17-3.debian.tar.gz
7350f501abf04f1c0362037b337cbdc30f57314f0407e6e09989af12cdc36582 43868
dma_0.0.2009.07.17-3_i386.deb
Files:
28d3b55cff0a4f250bde6c00efe0a6e0 1943 mail optional dma_0.0.2009.07.17-3.dsc
70b88022d2c2b4bb0d4239617acd1e73 27025 mail optional
dma_0.0.2009.07.17-3.debian.tar.gz
e07d3cd1de43936a15a57918dc84fce2 43868 mail optional
dma_0.0.2009.07.17-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBAgAGBQJLLSk0AAoJEBxXDIkOS9CrPdYP/0n1QF+q9wuOn+ns/1JCdDlc
ZnyLYELlmYb6WsAShLgPEMiwl5/kBw4P/aF2FJIR/TsMGA0h/6kLiltquMH3ssgd
+MD9Iy6TgEB80y5m2JmSIQeKKd2Atglp3SSusXps9gDnIQvnwduZGpvA45yWeQXr
EmwLJkHOQkyehaRYwGKIbsxj3LDmK9zOrq10DHQ0zxDBr4dKyY+5cXVcCpdATf4l
yMJGBYxGBOZZYQyrBOo5/LOm8hTD6pe2Gxjw+VyCN88gCKnQnkR8OkAT++iw95b6
ula6Nzr/Pe4s3+R9IIekxj+jo6sn2sn3smMM+xaXsqKzp/qBajD6QwG7zGwAwxq2
UuC7mX/ejSQ7++yB3gymn5O7ak5gbaJ3bE6vvNfjDfgFFzD6xKR82iKJQ/puSHto
b+08rCVRNLANbc/K+1c8pfa8reQRKNxCjBpIcSH7uhCQ3UBIPeU1my5g1isA5bXq
eYK9P4xcPcg/hPtiC2CV7VHx1kK1yTuQHlWVGkiP0WuK+mqt/jSd0yKjMGWEWLuv
8zt1C0CRsT4/T6rN05a2iRx5b3qk57aGwLXzDuPshaSPt04425Hn37UeH1KI8sJE
3gZlR1vxMhOmzfHenCSPcGg2Txx3I0yXjxLl6RedfozrWNWXwpkq1aCNH/GvLilP
Z7ANwP9pcg/kMaVU6eza
=1Bt9
-----END PGP SIGNATURE-----
--- End Message ---
