Your message dated Sun, 09 Jun 2013 16:34:12 +0000
with message-id <e1ulizi-0002d6...@franck.debian.org>
and subject line Bug#711251: fixed in debian-edu-config 1.706
has caused the Debian Bug report #711251,
regarding root+KDC password in clear in /var/cache/debconf/
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
711251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711251
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: debian-edu-config
severity: serious
x-debbugs-cc: debian-...@lists.debian.org
version: 1.704
Hi,
On Mittwoch, 5. Juni 2013, Wolfgang Schweer wrote:
> > > Don't know if it was the case before, but now the root password entered
> > > during installation is visible in /var/cache/debconf/templates.dat and
> > > /var/cache/debconf/templates.dat-old (as KDC and LDAP passwords).
> > That is very strange. The values are supposed to be wiped out at the
> > end of the installation, and their type 'password' which is handled
> > specially by debconf and not stored in the "public" database.
> /var/cache/debconf/passwords.dat is clean, but templates.dat and
> templates.dat-old contain both: first-user-password and root pw (as KDC
> and LDAP pw.
Filing as serious bug, so we dont forget.
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
Source: debian-edu-config
Source-Version: 1.706
We believe that the bug you reported is fixed in the latest version of
debian-edu-config, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 711...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Holger Levsen <hol...@debian.org> (supplier of updated debian-edu-config
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 09 Jun 2013 18:14:02 +0200
Source: debian-edu-config
Binary: debian-edu-config debian-edu-config-gosa-netgroups
Architecture: source all
Version: 1.706
Distribution: unstable
Urgency: low
Maintainer: Debian Edu Developers <debian-...@lists.debian.org>
Changed-By: Holger Levsen <hol...@debian.org>
Description:
debian-edu-config - Configuration files for Skolelinux systems
debian-edu-config-gosa-netgroups - netgroups plugin for GOsa²
Closes: 710293 710300 711106 711185 711251 711688
Changes:
debian-edu-config (1.706) unstable; urgency=low
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.706~svn80452:
.
[ Petter Reinholdtsen ]
* Change our edu-krb5 pam-configs setup to not provide PAM
support for changing the password, to ensure password
changes need to change using Gosa (Partly fixes #704461).
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.706~svn80414:
.
[ Petter Reinholdtsen ]
* Activate new web page translation for Romanian added by Victor
Nițu in version 1.705.
* Correct a few inaccurate paths in the web page translations in
da.po, ja.po and pt.po.
.
* Debconf translation updates:
- Swedish, thanks to Anders Jonsson. (Closes: #711688)
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.706~svn80395:
.
[ Petter Reinholdtsen ]
* Add new test case to detect and report passwords lingering in the
debconf database (bug #711251).
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.706~svn80374:
.
[ Petter Reinholdtsen ]
* Made sure subnet-change warn those trying to switch to one of the
problematic subnets, while allowing them to continue by adding
option -f.
* Changing debconf-set-selections-edu to not set the debconf
template default value for passwords, to avoid storing the root
and first user passwords in templates.dat (Closes: #711251).
* Make internal password type debconf templates translatable again,
as making the non-translatable did not affect bug #711251.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.706~svn80357:
.
* Translation updates:
- Indonesian, thanks to T. Surya Fajri. (Closes: #710293)
- Russian, thanks to Yuri Kozlov. (Closes: #710300)
- Japanese, thanks to <victory....@gmail.com>.
- Portuguese, thanks to Américo Monteiro. (Closes: #711106)
- Danish, thanks to Joe Dalton. (Closes: #711185)
- French, thanks to Guilhelm Panaget.
.
[ Petter Reinholdtsen ]
* Made subnet-change complete, teach it how to update
/etc/munin/debian-edu-munin-node.conf and /etc/hosts.allow.
* Report the files that need a manual update at the end of the
subnet-change script run, to make the text easier to see.
* Make internal password type debconf templates non-translatable
to try to work around bug #711251.
Checksums-Sha1:
7d01bd56b2c7c36d24032ff0ca1d90f2939480f6 2011 debian-edu-config_1.706.dsc
4dc672a930a1a9844e3063019b49f1d81ccf59db 521461 debian-edu-config_1.706.tar.gz
9ea915f710a284e928f467181d66a45f1ee81c9e 399836 debian-edu-config_1.706_all.deb
cfee76c638c69f18b46598435df3fa5431388ca5 116508
debian-edu-config-gosa-netgroups_1.706_all.deb
Checksums-Sha256:
fb5f4e333cedebfcdf7cabd64a226d6db1e47fd35f8af111b8e7aedeb49ca6e1 2011
debian-edu-config_1.706.dsc
7f769b14c505019b00e583614c018db94f8c914161923cfc214963d310afca9b 521461
debian-edu-config_1.706.tar.gz
c70e3716e551929e3ed06d42adf0cc12ddb26dc7e60381e5c8d96ca81161350d 399836
debian-edu-config_1.706_all.deb
fa783523f94d16b54fc771793dabe1b4f297c608ac072a3e16acbf9886169fbe 116508
debian-edu-config-gosa-netgroups_1.706_all.deb
Files:
287a6e8c3a58ae09576dfeac1dd888f7 2011 misc extra debian-edu-config_1.706.dsc
1bdbac239af2db12c72d4a206b9d75a4 521461 misc extra
debian-edu-config_1.706.tar.gz
c6e57f6f7f1b13d95cb810e2985632c2 399836 misc extra
debian-edu-config_1.706_all.deb
0ec3b992461fae20ee19563dad259733 116508 misc extra
debian-edu-config-gosa-netgroups_1.706_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIVAwUBUbSsDwkauFYGmqocAQjFlhAAq5D63aRxbzRyDMcLUGgUs7PfAhs+3VHg
EOMn4VZQeP9AlDoGaY+MH3iOHu3MVjqRiXy+VPvM9EV+TIvI7qVPr2Wr66FAc5mk
OBOfVXzOnd+e4cgFzmSP9J4qDlZKGuoQLDzFmIUeqH0ezchw2aZXSzoyr+yqeXLo
ETahrVNJirLE7Ga3c8gg7Z8vgJfdZtwZqXwhp57ioZ9weYzmgVQmQk/06j+etaEe
g5Cech2yLH7vZx3FeKB/eneSTHe179ZxlsgFDjKlk2voKp1rLPIontW+5Nr5ZyoX
iEcxVcpWrf1/gmt1As7zZZpUvVYenuf1uMEnnZgd9mZ5k9EUt6uwJjIb9wATfHMd
3P92qdtfv2BktyCV5x2PL3pcnqpGP6UVbHwbhuPNJukp7LBfizB8q6LseKK5Xvy1
xtpTijhwyLshcNKlJvb1tudBHTlXyLOvD2lwdHPxUJsp76d8wMNK/PPvWN8vOfdN
HDiEkqsnuhIuAmFTFyQ+4whm4obtjhoKmKDcVU9juZ1kSeykH2QGx8m/qAA5IQ6G
r47dZQzCSOX/YHhOL1PYaAwnpnQG5EvUhvYB/fLslHWKAndUUKYx4fXYFS4GkBv1
hatXRH6txTL+EX58llrGfysUqQdYHoYdd2znQbNwTB1Z63GqwxjmBrl7R29pnyR7
3sQb7vLRx+k=
=YlO4
-----END PGP SIGNATURE-----
--- End Message ---
