Your message dated Wed, 25 Apr 2012 19:47:12 +0000
with message-id <e1sn8be-0008o0...@franck.debian.org>
and subject line Bug#656208: fixed in asterisk 1:1.6.2.9-2+squeeze5
has caused the Debian Bug report #656208,
regarding asterisk: postinst script doesn't quote directories for chown
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
656208: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656208
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: asterisk
Version: 1:1.6.2.9-2+squeeze4
Severity: grave
Tags: patch
Justification: renders package unusable
When asterisk is upgraded, and some of the directories it chowns
contain spaces, the package remains unconfigured.
-- System Information:
Debian Release: 6.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages asterisk depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii asterisk-config-cu 1.1.3 Asterisk configuration by POCOS
ii asterisk-sounds-ma 1:1.6.2.9-2+squeeze4 Core Sound files for Asterisk (Eng
ii dahdi 1:2.2.1.1-1 utilities for using the DAHDI kern
ii libasound2 1.0.23-2.1 shared library for ALSA applicatio
ii libc-client2007e 8:2007e~dfsg-3.1 c-client library for mail protocol
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libcap2 1:2.19-3 support for getting/setting POSIX.
ii libcurl3 7.21.0-2 Multi-protocol file transfer libra
ii libgcc1 1:4.4.5-8 GCC support library
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
ii libgmime-2.0-2a 2.2.25-2 MIME library
ii libgsm1 1.0.13-3 Shared libraries for GSM speech co
ii libiksemel3 1.2-4 C library for the Jabber IM platfo
ii libjack-jackd2-0 [ 1.9.6~dfsg.1-2 JACK Audio Connection Kit (librari
ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries
ii liblua5.1-0 5.1.4-5 Simple, extensible, embeddable pro
ii libncurses5 5.7+20100313-5 shared libraries for terminal hand
ii libnewt0.52 0.52.11-1 Not Erik's Windowing Toolkit - tex
ii libogg0 1.2.0~dfsg-1 Ogg bitstream library
ii libopenais3 1.1.2-2 Standards-based cluster framework
ii libopenr2-3 1.3.0-2 MFC/R2 (telephony) call setup libr
ii libpopt0 1.16-1 lib for parsing cmdline parameters
ii libpq5 8.4.9-0squeeze1+b1 PostgreSQL C client library
ii libpri1.4 1.4.11.3-1 Primary Rate ISDN specification li
ii libradiusclient-ng 0.5.6-1.1 Enhanced RADIUS client library
ii libresample1 0.1.3-3 real-time audio resampling library
ii libsdl1.2debian 1.2.14-6.1 Simple DirectMedia Layer
ii libsnmp15 5.4.3~dfsg-2 SNMP (Simple Network Management Pr
ii libspandsp2 0.0.6~pre12-1 Telephony signal processing librar
ii libspeex1 1.2~rc1-1 The Speex codec runtime library
ii libspeexdsp1 1.2~rc1-1 The Speex extended runtime library
ii libsqlite0 2.8.17-6 SQLite shared library
ii libss7-1 1.0.2-1 Signalling System 7 (ss7) library
ii libssl0.9.8 0.9.8o-4squeeze5 SSL shared libraries
ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3
ii libsybdb5 0.82-7 libraries for connecting to MS SQL
ii libtiff4 3.9.4-5+squeeze3 Tag Image File Format (TIFF) libra
ii libtonezone2.0 1:2.2.1.1-1 tonezone library (runtime)
ii libvorbis0a 1.3.1-1 The Vorbis General Audio Compressi
ii libvorbisenc2 1.3.1-1 The Vorbis General Audio Compressi
ii libvpb0 4.2.52-2 Voicetronix telephony hardware use
ii libx11-6 2:1.3.3-4 X11 client-side library
ii libxml2 2.7.8.dfsg-2+squeeze1 GNOME XML library
ii unixodbc 2.2.14p2-1 ODBC tools libraries
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages asterisk recommends:
ii sox 14.3.1-1+b1 Swiss army knife of sound processi
Versions of packages asterisk suggests:
pn asterisk-dev <none> (no description available)
pn asterisk-doc <none> (no description available)
pn asterisk-h323 <none> (no description available)
-- no debconf information
--- asterisk.postinst.orig 2012-01-17 13:18:59.000000000 +0100
+++ asterisk.postinst 2012-01-17 13:19:28.000000000 +0100
@@ -37,7 +37,7 @@
/var/lib/asterisk \
-type d | while read dir; do
if ! dpkg-statoverride --list "$dir" > /dev/null ; then
- chown asterisk: $dir
+ chown asterisk: "$dir"
fi
done
@@ -53,8 +53,8 @@
# spool holds some sensitive information (e.g. monitor, voicemail etc.)
find /var/spool/asterisk -type d | while read dir; do
if ! dpkg-statoverride --list "$dir" > /dev/null ; then
- chown asterisk: $dir
- chmod 750 $dir
+ chown asterisk: "$dir"
+ chmod 750 "$dir"
fi
done
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:1.6.2.9-2+squeeze5
We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive:
asterisk-config_1.6.2.9-2+squeeze5_all.deb
to main/a/asterisk/asterisk-config_1.6.2.9-2+squeeze5_all.deb
asterisk-dbg_1.6.2.9-2+squeeze5_amd64.deb
to main/a/asterisk/asterisk-dbg_1.6.2.9-2+squeeze5_amd64.deb
asterisk-dev_1.6.2.9-2+squeeze5_all.deb
to main/a/asterisk/asterisk-dev_1.6.2.9-2+squeeze5_all.deb
asterisk-doc_1.6.2.9-2+squeeze5_all.deb
to main/a/asterisk/asterisk-doc_1.6.2.9-2+squeeze5_all.deb
asterisk-h323_1.6.2.9-2+squeeze5_amd64.deb
to main/a/asterisk/asterisk-h323_1.6.2.9-2+squeeze5_amd64.deb
asterisk-sounds-main_1.6.2.9-2+squeeze5_all.deb
to main/a/asterisk/asterisk-sounds-main_1.6.2.9-2+squeeze5_all.deb
asterisk_1.6.2.9-2+squeeze5.debian.tar.gz
to main/a/asterisk/asterisk_1.6.2.9-2+squeeze5.debian.tar.gz
asterisk_1.6.2.9-2+squeeze5.dsc
to main/a/asterisk/asterisk_1.6.2.9-2+squeeze5.dsc
asterisk_1.6.2.9-2+squeeze5_amd64.deb
to main/a/asterisk/asterisk_1.6.2.9-2+squeeze5_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 656...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tzafrir Cohen <tzaf...@debian.org> (supplier of updated asterisk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 25 Apr 2012 12:00:20 +0300
Source: asterisk
Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg
asterisk-sounds-main asterisk-config
Architecture: source all amd64
Version: 1:1.6.2.9-2+squeeze5
Distribution: stable-security
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org>
Changed-By: Tzafrir Cohen <tzaf...@debian.org>
Description:
asterisk - Open Source Private Branch Exchange (PBX)
asterisk-config - Configuration files for Asterisk
asterisk-dbg - Debugging symbols for Asterisk
asterisk-dev - Development files for Asterisk
asterisk-doc - Source code documentation for Asterisk
asterisk-h323 - H.323 protocol support for Asterisk
asterisk-sounds-main - Core Sound files for Asterisk (English)
Closes: 656208 664411 670180
Changes:
asterisk (1:1.6.2.9-2+squeeze5) stable-security; urgency=high
.
* Do include patch AST-2011-014.
* Quote pathes in postinst script: Closes: #656208 (Pocos).
* Patch AST-2012-002 Stack overflow in Milliwatt
(CVE-2012-1183): Closes: #664411.
* Two extra patches: Closes: #670180:
- Patch AST-2012-004 - further Manager permission fixes (CVE-2012-2414).
- Patch AST-2012-005 - Heap overflow in chan_skinny (CVE-2012-2415).
Checksums-Sha1:
39a654f665c9877b744da41c85415063c514645d 2219 asterisk_1.6.2.9-2+squeeze5.dsc
272ca90631534f1be876b1c647f4c748995a338e 95666
asterisk_1.6.2.9-2+squeeze5.debian.tar.gz
d22c86ddbccd2c7159794fc9e85a6456117d665c 1704596
asterisk-doc_1.6.2.9-2+squeeze5_all.deb
b504c38c20ef63650c296a2591b936a8ef1e5b75 636010
asterisk-dev_1.6.2.9-2+squeeze5_all.deb
fa24391b58a601f9f13d5c56fdf3a721b2a75567 2187404
asterisk-sounds-main_1.6.2.9-2+squeeze5_all.deb
401aad085b929b8af94883f0ed410a540ce0b6c3 716888
asterisk-config_1.6.2.9-2+squeeze5_all.deb
ab444f57366e641d752a26166c0a429e6be7eeb2 3600454
asterisk_1.6.2.9-2+squeeze5_amd64.deb
9da8b8e67f3ad878eac75f442f5e4ac83800a463 533716
asterisk-h323_1.6.2.9-2+squeeze5_amd64.deb
805a0c67df41ea85e179c0514aac9965aa6a0d71 20343088
asterisk-dbg_1.6.2.9-2+squeeze5_amd64.deb
Checksums-Sha256:
5554cc456c8090c283181a01ff9564b822a699dde53fad13fb9e9f49093c44d2 2219
asterisk_1.6.2.9-2+squeeze5.dsc
4dc90ee5deba709e886169118ac81c5f8b8ef26040f94ced9352771b40de1c52 95666
asterisk_1.6.2.9-2+squeeze5.debian.tar.gz
af239e5e4d8dba1ac64821df41b0fdf6f6fb14ddd59b53b53163c63a36f8de8d 1704596
asterisk-doc_1.6.2.9-2+squeeze5_all.deb
7843a5cae8b2437d357800021a9e006a01be510715efc361cafb096b3dea36b3 636010
asterisk-dev_1.6.2.9-2+squeeze5_all.deb
af6d122aed7482853a663232b32f2b79828f4a139e7114bd135f682751b056db 2187404
asterisk-sounds-main_1.6.2.9-2+squeeze5_all.deb
fd67292af699736009b311a3b13705fd77c6f3fe533cff1e52a867d3ab532d35 716888
asterisk-config_1.6.2.9-2+squeeze5_all.deb
49c94c01541eecc59f6088a9b25b2f240b07370fbcbe48861c550f9e38d097ab 3600454
asterisk_1.6.2.9-2+squeeze5_amd64.deb
4bf242a1095b356a0eee049e128ccd25a60b6fa06395c8258401c6a1b9b06520 533716
asterisk-h323_1.6.2.9-2+squeeze5_amd64.deb
f20b99640e9a9d60824c5a06904f5089fceee6d17bb021ec1a97a8f78e49c196 20343088
asterisk-dbg_1.6.2.9-2+squeeze5_amd64.deb
Files:
a85bafc2172ee137b83298adf9d02fe3 2219 comm optional
asterisk_1.6.2.9-2+squeeze5.dsc
755e034ce92db1d81ac6f4919aaeaa26 95666 comm optional
asterisk_1.6.2.9-2+squeeze5.debian.tar.gz
b7d8b907be2d7c0b9f79cace17c1ad6a 1704596 doc extra
asterisk-doc_1.6.2.9-2+squeeze5_all.deb
b1132fcb341709b8413e353aa2f7ec0f 636010 devel extra
asterisk-dev_1.6.2.9-2+squeeze5_all.deb
4da02fbf40c57e24e9ae31b68833f161 2187404 comm optional
asterisk-sounds-main_1.6.2.9-2+squeeze5_all.deb
3d527114409b9ff7b0e743efa71bb954 716888 comm optional
asterisk-config_1.6.2.9-2+squeeze5_all.deb
7f4ce857b2d6fbf1f7cff77806eb369e 3600454 comm optional
asterisk_1.6.2.9-2+squeeze5_amd64.deb
7d88d30157900f9f82d0279cfdca0aed 533716 comm optional
asterisk-h323_1.6.2.9-2+squeeze5_amd64.deb
17779d76a8f5aa8fd1aa780f1091a4eb 20343088 debug extra
asterisk-dbg_1.6.2.9-2+squeeze5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk+X77gACgkQxArWdkN9MotMDQCeP6JLAXX37YWwlFxGQMnsbWwi
27QAn3c6NOrHD2q3EjQczDwNILKvW2vN
=SpfK
-----END PGP SIGNATURE-----
--- End Message ---
