Your message dated Mon, 24 May 2010 16:37:50 +0000 with message-id <e1ogaf0-0000x8...@ries.debian.org> and subject line Bug#582798: fixed in wicd 1.7.0+ds1-3 has caused the Debian Bug report #582798, regarding wicd changed the permissions of /etc/resolv.conf to -rw-rw-rw- to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 582798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582798 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: dhcp3-client Version: 3.1.3-2 Severity: critical Tags: security Justification: root security hole I've just seen: $ ll /etc/resolv.conf -rw-rw-rw- 1 root root 23 2010-05-23 08:40:05 /etc/resolv.conf allowing modification by any user. /etc/resolv.conf was last modified by dhclient, and AFAIK, it is the only one that modifies this file. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31-1-amd64 (SMP w/2 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Versions of packages dhcp3-client depends on: ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy ii debianutils 3.2.3 Miscellaneous utilities specific t ii dhcp3-common 3.1.3-2 common files used by all the dhcp3 ii libc6 2.10.2-9 Embedded GNU C Library: Shared lib dhcp3-client recommends no packages. Versions of packages dhcp3-client suggests: ii avahi-autoipd 0.6.25-3 Avahi IPv4LL network address confi pn resolvconf <none> (no description available) -- Configuration Files: /etc/dhcp3/dhclient.conf changed: option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; prepend domain-name-servers 127.0.0.1; request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; -- debconf information: dhcp3-client/dhclient-needs-restarting: dhcp3-client/dhclient-script_moved:
--- End Message ---
--- Begin Message ---Source: wicd Source-Version: 1.7.0+ds1-3 We believe that the bug you reported is fixed in the latest version of wicd, which is due to be installed in the Debian FTP archive: python-wicd_1.7.0+ds1-3_all.deb to main/w/wicd/python-wicd_1.7.0+ds1-3_all.deb wicd-cli_1.7.0+ds1-3_all.deb to main/w/wicd/wicd-cli_1.7.0+ds1-3_all.deb wicd-curses_1.7.0+ds1-3_all.deb to main/w/wicd/wicd-curses_1.7.0+ds1-3_all.deb wicd-daemon_1.7.0+ds1-3_all.deb to main/w/wicd/wicd-daemon_1.7.0+ds1-3_all.deb wicd-gtk_1.7.0+ds1-3_all.deb to main/w/wicd/wicd-gtk_1.7.0+ds1-3_all.deb wicd_1.7.0+ds1-3.debian.tar.gz to main/w/wicd/wicd_1.7.0+ds1-3.debian.tar.gz wicd_1.7.0+ds1-3.dsc to main/w/wicd/wicd_1.7.0+ds1-3.dsc wicd_1.7.0+ds1-3_all.deb to main/w/wicd/wicd_1.7.0+ds1-3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 582...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Paleino <da...@debian.org> (supplier of updated wicd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 24 May 2010 18:11:17 +0200 Source: wicd Binary: wicd wicd-daemon wicd-gtk wicd-curses wicd-cli python-wicd Architecture: source all Version: 1.7.0+ds1-3 Distribution: unstable Urgency: low Maintainer: David Paleino <da...@debian.org> Changed-By: David Paleino <da...@debian.org> Description: python-wicd - wired and wireless network manager - Python module wicd - wired and wireless network manager - metapackage wicd-cli - wired and wireless network manager - scriptable cli client wicd-curses - wired and wireless network manager - Curses client wicd-daemon - wired and wireless network manager - daemon wicd-gtk - wired and wireless network manager - GTK+ client Closes: 537195 570891 574152 578014 579497 582798 582817 Changes: wicd (1.7.0+ds1-3) unstable; urgency=low . * debian/control: - fixed package descriptions (Closes: #574152) * debian/patches/: - 23-fix_script_macro_expansion.patch ported from upstream, fixes bug in script macro expansion. - 24-wait_for_DHCP_client.patch added, waits for DHCP's client process to end, avoiding zombie processes. Thanks to Marin Ivanov for the patch! (Closes: #537195) - 25-use_dhcpcd_also_in_Debian.patch added: upstream changed the client from dhcpcd to dhcpcd-bin. This patch reverts it, so that defaults in /etc/default/dhcpcd are still observed. (Closes: #578014) - 26-support_etc-network_scripts.patch added, support /etc/network/ hierarchy for connection scripts (Closes: #579497) - 27-fix_resolv.conf_perms.patch added, make sure dhclient.conf has 0644 permissions (Closes: #582798) - 28-announce_dhclient.conf.template.patch added, describe /etc/wicd/dhclient.conf.template in wicd(8) (Closes: #582817) - 29-document_variables_passed_to_scripts.patch added (Closes: #570891) * debian/NEWS.Debian updated to announce /etc/wicd/dhclient.conf.template Checksums-Sha1: 5e242be95af5f772b91d82c82f15f02204ef9965 1268 wicd_1.7.0+ds1-3.dsc e841a702d3289fd93e85c4665e5d03d3b1e6599d 27741 wicd_1.7.0+ds1-3.debian.tar.gz b2fb893f58d6a184af5e39cc7147fb7ec162a6c2 40726 wicd_1.7.0+ds1-3_all.deb 5255795688126e32f4ad1884a0ba8c7907d458e3 277424 wicd-daemon_1.7.0+ds1-3_all.deb aa351503a25fb78564f9270cb43c053500b5ff9b 149890 wicd-gtk_1.7.0+ds1-3_all.deb 0f311e7d62ae61306b41b48c3de9a648f210142e 70494 wicd-curses_1.7.0+ds1-3_all.deb b5ae15916ec6bc477df213a1f94b1cbebd54e0b7 43810 wicd-cli_1.7.0+ds1-3_all.deb 1d23767cccd5f4139dded5fe066ba5e139a59672 76148 python-wicd_1.7.0+ds1-3_all.deb Checksums-Sha256: 5761e5140974de9d9d716dc856054c9336989db6a3f5ac833489f1f8d0c239dc 1268 wicd_1.7.0+ds1-3.dsc ac02114be4d0258f689cf9271497f5cb8f2554cb4e5b3e086b0700bbcb3a931a 27741 wicd_1.7.0+ds1-3.debian.tar.gz 797c57b1064a30d401d586030a18c0eede8fde6398c8fc0e017dfd1c0750c677 40726 wicd_1.7.0+ds1-3_all.deb 45f27dc42fefb874d1be1b8412636aadc9dac25cb23b8f990a099fc9090a4773 277424 wicd-daemon_1.7.0+ds1-3_all.deb e77caad9fde4a18518fb884c1ba0155356fa76ecb2a78ee5357faede9db9ddea 149890 wicd-gtk_1.7.0+ds1-3_all.deb ee40e727a0704cd8c3ef714d54c5da6cde153b1b31b15c47a359bdeb91fbe52e 70494 wicd-curses_1.7.0+ds1-3_all.deb cf3c5f83cadf1b1b0a5129b0b70af5809ee927dfe1710c0dd4fe64c16b9a625c 43810 wicd-cli_1.7.0+ds1-3_all.deb c6ce517a83b594e7e856463458a5891504399e1d69f359937e5c053d482642e0 76148 python-wicd_1.7.0+ds1-3_all.deb Files: af7872110c20f7cece50e8a5e6fc79cc 1268 net optional wicd_1.7.0+ds1-3.dsc 654b005fdc9faa9c0ca4504916f11c20 27741 net optional wicd_1.7.0+ds1-3.debian.tar.gz 0640ce2794329e1d0e5a971c40694615 40726 net optional wicd_1.7.0+ds1-3_all.deb 7d6d85b97e1c8059bc1caba62a9cf3c8 277424 net optional wicd-daemon_1.7.0+ds1-3_all.deb 42b5b556d1109532677bea0927f293a4 149890 net optional wicd-gtk_1.7.0+ds1-3_all.deb 51b1486479a00001a116846070b0e113 70494 net optional wicd-curses_1.7.0+ds1-3_all.deb 1edea6ed6a09679e66552ddf2be75cda 43810 net optional wicd-cli_1.7.0+ds1-3_all.deb ca429fa9358b3e20ae64b2a4c0b9a672 76148 python optional python-wicd_1.7.0+ds1-3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkv6p78ACgkQ5qqQFxOSsXScjgCgu2ft8WcLdIbFj0ZkYE0vEqNR U2kAni5KQMO2JzRXi85u7CKNQs+iXCiO =IqpU -----END PGP SIGNATURE-----
--- End Message ---
