Your message dated Tue, 27 May 2014 01:12:38 -0400 (EDT)
with message-id <267892239.15330099.1401167558766.javamail.zim...@redhat.com>
and subject line pcp ships an upstream binary without rebuilding it
has caused the Debian Bug report #746996,
regarding pcp ships an upstream binary without rebuilding it
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
746996: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746996
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pcp
Version: 3.9.2
Severity: serious
Tags: security upstream
On i386, pcp ships the upstream binary src/pmdas/mmv/mmvdump into
/var/lib/pcp/pmdas/mmv/mmvdump without rebuilding it. This violates
Debian policy and might be used by upstream to introduce backdoors or
other security issues.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
As per last bug update, this appears to be some confusion
on the part of the reporter and/or a machine configuration
issue when building - certainly there's no evidence of the
source tar.gz containing a binary. Closing, please reopen
if additional information comes to hand that sheds further
light on the situation - thanks!
--
Nathan
--- End Message ---
