Your message dated Sun, 23 Jun 2013 21:48:26 +0000
with message-id <e1uqs94-0006mq...@franck.debian.org>
and subject line Bug#711251: fixed in debian-edu-config 1.707
has caused the Debian Bug report #711251,
regarding root+KDC password in clear in /var/cache/debconf/
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
711251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711251
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: debian-edu-config
severity: serious
x-debbugs-cc: debian-...@lists.debian.org
version: 1.704
Hi,
On Mittwoch, 5. Juni 2013, Wolfgang Schweer wrote:
> > > Don't know if it was the case before, but now the root password entered
> > > during installation is visible in /var/cache/debconf/templates.dat and
> > > /var/cache/debconf/templates.dat-old (as KDC and LDAP passwords).
> > That is very strange. The values are supposed to be wiped out at the
> > end of the installation, and their type 'password' which is handled
> > specially by debconf and not stored in the "public" database.
> /var/cache/debconf/passwords.dat is clean, but templates.dat and
> templates.dat-old contain both: first-user-password and root pw (as KDC
> and LDAP pw.
Filing as serious bug, so we dont forget.
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
Source: debian-edu-config
Source-Version: 1.707
We believe that the bug you reported is fixed in the latest version of
debian-edu-config, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 711...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Petter Reinholdtsen <p...@debian.org> (supplier of updated debian-edu-config
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 23 Jun 2013 23:31:16 +0200
Source: debian-edu-config
Binary: debian-edu-config debian-edu-config-gosa-netgroups
Architecture: source all
Version: 1.707
Distribution: unstable
Urgency: low
Maintainer: Debian Edu Developers <debian-...@lists.debian.org>
Changed-By: Petter Reinholdtsen <p...@debian.org>
Description:
debian-edu-config - Configuration files for Skolelinux systems
debian-edu-config-gosa-netgroups - netgroups plugin for GOsa²
Closes: 711251 712723
Changes:
debian-edu-config (1.707) unstable; urgency=low
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn81085:
.
[ Petter Reinholdtsen ]
* Adjust debian-edu-pxeinstall paths to be compatible with
debian-installer-7.0-netboot-i386 and
debian-installer-7.0-netboot-amd64.
.
* Debconf translation updates:
- add Polish, thanks to Michał Kułach. (Closes: #712723)
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80889:
.
[ Petter Reinholdtsen ]
* Teach sssd-generate-config and setup-ad-client to ignore the output
from 'hostname -d' when it is '(null)'. This make the scripts more
robust.
* Correct timezone testsuite check to look for new timezone name for
the *_ES locale. Need updates for the other locales too.
* Make sure we include the new index.html.ro file in the binary
package.
.
[ Holger Levsen ]
* Update timezone testsuite checks for all other languages based on
/usr/share/zoneinfo on my wheezy system.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80617:
.
[ Petter Reinholdtsen ]
* Avoid hardcoded path in setup-roaming, to make it easier to move
the scripts around. Made setup-roaming more robust and capable of
running outside the Debian Edu environment.
* Made sssd-generate-config more robust, able to handle DNS lookups
which fall back to TCP.
* Made setup-ad-client more self contained, robust and get it
working out of the box in an Active Directory environment, also on
non Debian Edu machines.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80573:
.
[ Holger Levsen ]
* debian/control, Vcs* headers: Replace svn.debian.org with
anonscm.debian.org.
.
[ Petter Reinholdtsen ]
* Move code in sssd-generate-config to detect DNS domain name into
its own function, to make it easier to share that code with
setup-ad-client.
* Make setup-ad-client more automatic, flexible and robust.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80562:
.
* Switch default APT source, fallback LTSP mirror and fallback PXE
mirror from ftp.skolelinux.org, ftp.debian.org and cdn.debian.net
to http.debian.net, to pick a nearby mirror in the most efficient
way available today.
* Update sssd-generate-config with the change done to sssd.conf in
version 1.704~svn79934, and generate sssd.conf with checking og
the TLS certificate, now that it is working as it should.
* Make sssd-generate-config more robust, to not fail when hostname
do not understand the -d argument.
* New script setup-ad-client to set up a roaming workstation as a
Active Directory client and adjust sssd-generate-config to allow
this to work.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80551:
.
* Adjust webcache testsuite check, and remove now obsolete argument
sendt to wpad-extract.
* Add libwebkitgtk-1.0-0 as a dependency of debian-edu-config next
to libproxy-tools, as the webkit shared library is needed for
libproxy to handle WPAD files.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80547:
.
[ Petter Reinholdtsen ]
* Replicate how d-i is operating, and add code in LTSP setup script
032-edu-pkgs to run dpkg with the force-unsafe-io flag when creating
the LTSP chroot, to try to speed up the process.
* Adjust run-at-first-boot to call update-proxy-from-wpad on the
Main Server, to try to get the proxy setup working. The automatic
proxy setup only run from dhcp, which the Main Server do not use.
.
* Uploaded to the Debian Edu archive as debian-edu-config 1.707~svn80497:
.
[ Petter Reinholdtsen ]
* Add postinst code to purge the leftover passwords from the debconf
database when debian-edu-config is upgraded from a vulnerable
version (Closes: #711251).
Checksums-Sha1:
7601a02a5516727f8cfdbd8faa5cbe62661af31f 1277 debian-edu-config_1.707.dsc
cdb48f948603f289ccfe201c3d7aa1e022d89408 524824 debian-edu-config_1.707.tar.gz
5bb38af8b900f044d054dab70e6e332505c2ca21 404528 debian-edu-config_1.707_all.deb
af093076450de6c55757f425ecd98915c79c096c 117408
debian-edu-config-gosa-netgroups_1.707_all.deb
Checksums-Sha256:
4626b05716eac80c50fb81c3dfb87eb970ccd18fdfcf156056f560038aa56737 1277
debian-edu-config_1.707.dsc
129c118009ba6263d0e97aa7bc355475a859ba5d988ca73fe8191a0125a80d39 524824
debian-edu-config_1.707.tar.gz
a9ea678473ca8a93216deb9bb27c1de002b1047df2f94d75419afa26abbfa10f 404528
debian-edu-config_1.707_all.deb
6c41cdee485a11cfd28a722e9c429a06afe69995c34c08cd5c7ede478d192ceb 117408
debian-edu-config-gosa-netgroups_1.707_all.deb
Files:
619b7d3d4c40871ec2e179c0d8535a71 1277 misc extra debian-edu-config_1.707.dsc
092d3d4e1ffcd5c7e434d566a0d74d4b 524824 misc extra
debian-edu-config_1.707.tar.gz
9d4cf4a5a387a4410413a249ff9a3a60 404528 misc extra
debian-edu-config_1.707_all.deb
691d27757a2c244dd46736ec44f56818 117408 misc extra
debian-edu-config-gosa-netgroups_1.707_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFRx2ms20zMSyow1ykRAnYtAKDbw0aMv+RwrcJMpspG8YKPKyIkDgCfUcgW
BrregnxUf2X58Jjmv36qZU8=
=BmNy
-----END PGP SIGNATURE-----
--- End Message ---
