Your message dated Mon, 03 Apr 2006 05:32:09 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#359239: fixed in gpib 3.2.06-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libgpib-perl
Version: 3.2.06-2
Severity: grave
Tags: security
Hello Robert,
LinuxGpib.so includes a rpath pointing to /tmp/buildd/...
%chrpath usr/lib/perl5/auto/LinuxGpib/LinuxGpib.so
usr/lib/perl5/auto/LinuxGpib/LinuxGpib.so:
RPATH=/tmp/buildd/gpib-3.2.06/build-tree/linux-gpib-3.2.06/language/perl/../../lib/.libs
Since /tmp is usr-writable, a local user can install rogue libraries
that will be linked by LinuxGpib.so at run time.
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
--- End Message ---
--- Begin Message ---
Source: gpib
Source-Version: 3.2.06-3
We believe that the bug you reported is fixed in the latest version of
gpib, which is due to be installed in the Debian FTP archive:
gpib-modules-source_3.2.06-3_all.deb
to pool/main/g/gpib/gpib-modules-source_3.2.06-3_all.deb
gpib_3.2.06-3.diff.gz
to pool/main/g/gpib/gpib_3.2.06-3.diff.gz
gpib_3.2.06-3.dsc
to pool/main/g/gpib/gpib_3.2.06-3.dsc
libgpib-bin_3.2.06-3_i386.deb
to pool/main/g/gpib/libgpib-bin_3.2.06-3_i386.deb
libgpib-perl_3.2.06-3_i386.deb
to pool/main/g/gpib/libgpib-perl_3.2.06-3_i386.deb
libgpib0-dev_3.2.06-3_i386.deb
to pool/main/g/gpib/libgpib0-dev_3.2.06-3_i386.deb
libgpib0_3.2.06-3_i386.deb
to pool/main/g/gpib/libgpib0_3.2.06-3_i386.deb
php4-gpib_3.2.06-3_i386.deb
to pool/main/g/gpib/php4-gpib_3.2.06-3_i386.deb
python-gpib_3.2.06-3_i386.deb
to pool/main/g/gpib/python-gpib_3.2.06-3_i386.deb
python2.3-gpib_3.2.06-3_i386.deb
to pool/main/g/gpib/python2.3-gpib_3.2.06-3_i386.deb
python2.4-gpib_3.2.06-3_i386.deb
to pool/main/g/gpib/python2.4-gpib_3.2.06-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Robert Jordens <[EMAIL PROTECTED]> (supplier of updated gpib package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 3 Apr 2006 13:12:17 +0200
Source: gpib
Binary: python2.3-gpib libgpib-perl php4-gpib libgpib-bin libgpib0-dev
gpib-modules-source python2.4-gpib libgpib0 python-gpib
Architecture: source i386 all
Version: 3.2.06-3
Distribution: unstable
Urgency: high
Maintainer: Robert Jordens <[EMAIL PROTECTED]>
Changed-By: Robert Jordens <[EMAIL PROTECTED]>
Description:
gpib-modules-source - kernel modules for various GPIB boards
libgpib-bin - libgpib support applications and configuration
libgpib-perl - libgpib perl bindings
libgpib0 - C bindings for GPIB (IEEE 488) kernel driver -- headers
libgpib0-dev - C bindings for GPIB (IEEE 488) kernel driver -- headers
php4-gpib - libgpib php bindings
python-gpib - libgpib python bindings (default package)
python2.3-gpib - libgpib Python 2.3 bindings
python2.4-gpib - libgpib Python 2.4 bindings
Closes: 356589 359239 360136
Changes:
gpib (3.2.06-3) unstable; urgency=high
.
* break circular dependency around libgpib-bin; closes: Bug#356589 (libgpib0
has circular Depends on libgpib-bin)
* add lost no-segment.h patch; closes: Bug#360136
(gpib_3.2.06-2(amd64/unstable): Patch no-segment.h.patch does not exist
* debian/rules: add "LD_RUN_PATH=" to make invokation for the perl bindings
to dump the rpath; closes: Bug#359239
(libgpib-perl: LinuxGpib.so has trapdoor rpath /tmp/buildd/...)
* urgency high because the last two are RC and security critical
* now standards compliant to 3.6.2
Files:
9a82663e366daca3653d1d91ffc6248f 874 science optional gpib_3.2.06-3.dsc
37487f33557c973e13692f0196b10401 27896 science optional gpib_3.2.06-3.diff.gz
c3960d2c83eb0ef8fa26e27e90a5700f 121866 science optional
gpib-modules-source_3.2.06-3_all.deb
ded398bfbfb811ce04b72e7e3ca2079e 455088 libdevel optional
libgpib0-dev_3.2.06-3_i386.deb
bd58d5addf492f13712f8bf8432c6ebf 47558 libs optional libgpib0_3.2.06-3_i386.deb
957b7b60e804a7c7438b5367cb270e79 28618 science optional
libgpib-bin_3.2.06-3_i386.deb
b7d51533d848cd6228328b2e7635473d 33994 perl optional
libgpib-perl_3.2.06-3_i386.deb
52915f2d73d7a8852e9122e74d2e7178 43980 science optional
php4-gpib_3.2.06-3_i386.deb
b86dd854ae3dc31c835c8eedaec0d3f0 19334 python optional
python2.3-gpib_3.2.06-3_i386.deb
e5e1061a9ece75d22b4c332c12d741f3 19338 python optional
python2.4-gpib_3.2.06-3_i386.deb
739a78273ae0b18508a12f36115ab1e2 14972 python optional
python-gpib_3.2.06-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEMRTMHSjkv+Av7xERAv6EAJ9RHARKKvJfK/ud6hBgpsKAA1CYUQCfabay
TMVpcaoUDb2pifrjFeE+jE4=
=cxzY
-----END PGP SIGNATURE-----
--- End Message ---
