Bug#985858: marked as done (Fails to start with seccomp violation (eventfd2))

[Debian Bug Tracking System]

Your message dated Fri, 26 Mar 2021 21:03:36 +0000
with message-id <e1lptcg-00035k...@fasolo.debian.org>
and subject line Bug#985858: fixed in rust-sniffglue 0.11.1-6
has caused the Debian Bug report #985858,
regarding Fails to start with seccomp violation (eventfd2)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
985858: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985858
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: sniffglue
Version: 0.11.1-5+b1
Severity: grave

I've noticed it's currently not possible to use sniffglue due to seccomp
violations:

    # sniffglue -vv
    Bad system call (core dumped)
    #

sniffglue uses a seccomp sandbox to allow-list a reduced set of syscalls
to attempt to mitigate the risk of exploitable bugs in the network
processing code.

Since the binary dynamically links to system libraries this may
occasionally cause problems if new syscalls are used in new versions of
those libraries.

This has happened with sniffglue and the libraries currently in debian
testing, I've prepared a patch that allows additional syscalls on some
architectures and pushed it to a branch in the debcargo-conf repo.

--- End Message ---

--- Begin Message ---

Source: rust-sniffglue
Source-Version: 0.11.1-6
Done: Peter Michael Green <plugw...@debian.org>

We believe that the bug you reported is fixed in the latest version of
rust-sniffglue, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 985...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Michael Green <plugw...@debian.org> (supplier of updated rust-sniffglue 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 26 Mar 2021 20:47:45 +0000
Source: rust-sniffglue
Architecture: source
Version: 0.11.1-6
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers 
<pkg-rust-maintain...@alioth-lists.debian.net>
Changed-By: Peter Michael Green <plugw...@debian.org>
Closes: 985858
Changes:
 rust-sniffglue (0.11.1-6) unstable; urgency=medium
 .
   * Team upload.
   * Package sniffglue 0.11.1 from crates.io using debcargo 2.4.0
   * Drop dev-dependency on boxxy and remove examples/boxxy.rs
     to allow the rest of the tests to run.
   * Fix a couple of compile errors in benches/bench.rs
 .
   [ kpcyrd ]
   * Add missing syscalls to seccomp filter (Closes: #985858)
Checksums-Sha1:
 a965679ab074124c884b91634a242355e917a894 3044 rust-sniffglue_0.11.1-6.dsc
 052ba4bead3c17b0c72cea31284dfeb6059de646 4624 
rust-sniffglue_0.11.1-6.debian.tar.xz
 0ba386138d50d3c2bf02f01042efe57bfaee0b79 13169 
rust-sniffglue_0.11.1-6_source.buildinfo
Checksums-Sha256:
 d03c20d775a88fe8b06252281fb18119225f270795f6972687d2cf39c280a2db 3044 
rust-sniffglue_0.11.1-6.dsc
 69d7feab89c8d1c444a2f5a118dc41a3cd67a6539e07325d6a71b844da37a0a3 4624 
rust-sniffglue_0.11.1-6.debian.tar.xz
 643372ec2d5bb594cb805a03540b5079597cc966200894bce37e73d6ec0bdfc2 13169 
rust-sniffglue_0.11.1-6_source.buildinfo
Files:
 ad1fcb8ad604c9459b0c91c8391a6510 3044 net optional rust-sniffglue_0.11.1-6.dsc
 5ca448f901ce5a5536066ce3c8b289d2 4624 net optional 
rust-sniffglue_0.11.1-6.debian.tar.xz
 74cef86610f9cc2c331d561261ca8aa7 13169 net optional 
rust-sniffglue_0.11.1-6_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAyFiEEU0DQATYMplbjSX63DEjqKnqP/XsFAmBeSKoUHHBsdWd3YXNo
QGRlYmlhbi5vcmcACgkQDEjqKnqP/XuuWA/4xUz0y/wbiFT1GtCeBBSfjSzyW3zD
ZWPk0EbSYf8hLvpe1vnmZR8QzEXmIEtnFf7+KtWJPeFPEuZef/tyTYCNErXCOipn
0VtbfjJNc37FqwaUXsCI+Nfuz65D/4govJ+FHuQD0lRE5TSvDRWApqMywIbNsFK2
rtJakReI/7z0tCHfjBVNcJ1Mhn1JXSg5GvmsGVmf5mXxZv3UswI5F8Srd5JULVxy
oP6isDj6iBCY+Judp8FG4eUkboaw1nAz2CNCqBJVAX9jIviAFKa/L9yzlf5+Ui95
1rAEiqrA6VhQQIQ5nEO59NC7Xx7zooc8jN02LKQ1n8dfXUsO3kPh8y22XCpwBRs5
E8UfXZBW4nfFjilYLz9GyItXRQdfWQojXkJs6nWhWCqhZ250xPWo+TuJ5NBilP8U
CR/eDLytDCKW9UY2oIfkNtOTZhp1fOxFz+gAHEfxz6yuPaRNhgy5bySVjQGFxesz
RwqZHxgo2grLG/TggVR0bzZ+3VmBsU3FuTl0E1rAXHndi04sTlW1L+AV2ZBPqBJD
h0vnmqHvXuEbvvGiSlohUeVE6eRlatG304iHblotR7ebZeuCnE4XHT67jFnXREeD
ShJbqNMtxLwW8T1slgN44nFEzXp4Tz5E6HVxo30p6Y/mji7tv7ed7xWsRuoQ8DVV
EwHE7YmQodfLXw==
=wQNI
-----END PGP SIGNATURE-----

--- End Message ---