Your message dated Tue, 12 May 2020 04:49:46 +0000 with message-id <e1jymrs-000f7g...@fasolo.debian.org> and subject line Bug#935439: fixed in ucf 3.0039 has caused the Debian Bug report #935439, regarding ucf shouldn't change the file permissions to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 935439: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935439 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ucf Version: 3.0038+nmu1 Severity: serious Hi, It seems that ucf, unlike dpkg, is changing the file permissions when rewriting the configuration file. It also seems that there is a difference in behavour between the "use maintainer file" option and the 3-ways merge. The former preserve the permissions of the new file, the later is not. That can be a security issue I believe, thus the severity Kind regards, Laurent Bigonville -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE:fr (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ucf depends on: ii coreutils 8.30-3+b1 ii debconf 1.5.73 ii sensible-utils 0.0.12 ucf recommends no packages. ucf suggests no packages. -- debconf information excluded
--- End Message ---
--- Begin Message ---Source: ucf Source-Version: 3.0039 Done: Manoj Srivastava <sriva...@debian.org> We believe that the bug you reported is fixed in the latest version of ucf, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 935...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Manoj Srivastava <sriva...@debian.org> (supplier of updated ucf package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 May 2020 20:53:59 -0700 Source: ucf Architecture: source Version: 3.0039 Distribution: unstable Urgency: medium Maintainer: Manoj Srivastava <sriva...@debian.org> Changed-By: Manoj Srivastava <sriva...@debian.org> Closes: 892301 918255 935439 951006 Changes: ucf (3.0039) unstable; urgency=medium . * NMU ack. Thanks to Helge Kreutzmann * Updated thee VCS-* links in control file to salsa * Updated the standards version to 4.3.0, no changes needed * Bug fix: "ucf shouldn't change the file permissions", thanks to Laurent Bigonville (Closes: #935439). * Updated the debhelper dependency usding the new debhelper-compat dependency convention. * Bug fix: "ucf with -n as first argument results in error", thanks to Ian Kelling (Closes: #892301). * Bug fix: "Please load file names into environment when starting "a new shell to examine the situation" (DPKG_CONFFILE_OLD, DPKG_CONFFILE_NEW)", thanks to Christoph Biedl (Closes: #951006). mI changed the variable names to not stomp over tyhe dpkg namespace; the variables are actuall UCF_* * Bug fix: "[INTL:nl] Dutch translation of debconf messages", thanks to Frans Spiesschaert (Closes: #918255). Checksums-Sha1: 18775fdf3f62bd9a05ce953c40eb53b1932427e7 1419 ucf_3.0039.dsc 677df859ed4ff465b16e0ba4faf630d2238837d2 66240 ucf_3.0039.tar.xz Checksums-Sha256: 8ae5e9ba14d264edbaf9e62b4a945d194215950ac590226ec3dea7c48c1300b2 1419 ucf_3.0039.dsc d7adb61cf16d6f273673b39ef825629a3c4a129753592fb1036fefc3d582c0c4 66240 ucf_3.0039.tar.xz Files: ed74a38e446a5c2a7e80047d6754bfbc 1419 utils standard ucf_3.0039.dsc a14af416236bf0a83a8a8bb3319cc6f7 66240 utils standard ucf_3.0039.tar.xz -----BEGIN PGP SIGNATURE----- iQGYBAEBCgCCFiEEq6cQJaG1qIpOX2jCNr1yD29XZHIFAl66JWVPFIAAAAAAGwAr c3JpdmFzdGFAZ29sZGVuLWdyeXBob24uY29tQUJBNzEwMjVBMUI1QTg4QTRFNUY2 OEMyMzZCRDcyMEY2RjU3NjQ3Ml84OBQcc3JpdmFzdGFAZGViaWFuLm9yZwAKCRA2 vXIPb1dkclkeB/4++UCdF0Fzf2/WNENeXzn+bhmiiBcZlD4Yxh2s4Ql+eBGOPUGz 4NuJURDr5+/IFZr8Kw/Mezs0IBgvlUurtWmKPNcSkpHVdC8xcCgvhOX33Qu3nhyh tq5B+XCtfVosCNBcLgHvdENpG/liMZs1wskpZrTADdPOXNGMBNgd7yB06aVDy+8v nBqjatyzHW14b8kkNGmMJXFcjUsCBkFS4XMQRyUL5QtoTzK2ouNU/mViEnXJkGLP D3wFzdaz5kbPr5zht0eLN1rkc1mf6IXYvHIlChn6kDJVEPpJNH3mO64HD3LTzYcM j0kw9ZKhgYD47Ocwk47YNpshZdUgK+tc1h57 =bHhP -----END PGP SIGNATURE-----
--- End Message ---
