Your message dated Mon, 08 Jan 2007 01:02:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#405342: fixed in tcp-wrappers 7.6.dbs-12
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libwrap0
Version: 7.6.dbs-11
Severity: grave
Justification: renders package unusable
$ /usr/sbin/tcpdchk -v
Using network configuration file: /etc/inetd.conf
>>> Rule /etc/hosts.allow line 15:
daemons: SSHD
clients: ALL
access: granted
>>> Rule /etc/hosts.deny line 20:
daemons: ALL
clients: ALL EXCEPT 127.0.0.1
access: denied
The above are the only rules in effect.
$ /usr/sbin/tcpdmatch vnc 127.0.0.1
warning: vnc: no such process name in /etc/inetd.conf
client: address 127.0.0.1
server: process vnc
access: granted
So far so good... the execption in hosts.deny should cause this one to
be allowed.
$ /usr/sbin/tcpdmatch vnc 192.168.10.178
warning: vnc: no such process name in /etc/inetd.conf
client: address 192.168.10.178
server: process vnc
access: granted
Why is this granted? It shouldn't be.
The same is true if the exception is removed:
$ /usr/sbin/tcpdchk -v
Using network configuration file: /etc/inetd.conf
>>> Rule /etc/hosts.allow line 15:
daemons: SSHD
clients: ALL
access: granted
>>> Rule /etc/hosts.deny line 21:
daemons: ALL
clients: ALL
access: denied
$ /usr/sbin/tcpdmatch vnc 192.168.10.178
warning: vnc: no such process name in /etc/inetd.conf
client: address 192.168.10.178
server: process vnc
access: granted
Still access granted. However, moving back to the version of libwrap0
in stable (7.6.dbs-8) results in:
$ /usr/sbin/tcpdmatch vnc 192.168.10.178
warning: vnc: no such process name in /etc/inetd.conf
client: address 192.168.10.178
server: process vnc
matched: /etc/hosts.deny line 21
access: denied
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (900, 'testing'), (400, 'stable'), (300, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-k7
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages libwrap0 depends on:
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
Versions of packages libwrap0 recommends:
ii tcpd 7.6.dbs-11 Wietse Venema's TCP wrapper utilit
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: tcp-wrappers
Source-Version: 7.6.dbs-12
We believe that the bug you reported is fixed in the latest version of
tcp-wrappers, which is due to be installed in the Debian FTP archive:
libwrap0-dev_7.6.dbs-12_i386.deb
to pool/main/t/tcp-wrappers/libwrap0-dev_7.6.dbs-12_i386.deb
libwrap0_7.6.dbs-12_i386.deb
to pool/main/t/tcp-wrappers/libwrap0_7.6.dbs-12_i386.deb
tcp-wrappers_7.6.dbs-12.diff.gz
to pool/main/t/tcp-wrappers/tcp-wrappers_7.6.dbs-12.diff.gz
tcp-wrappers_7.6.dbs-12.dsc
to pool/main/t/tcp-wrappers/tcp-wrappers_7.6.dbs-12.dsc
tcpd_7.6.dbs-12_i386.deb
to pool/main/t/tcp-wrappers/tcpd_7.6.dbs-12_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Marco d'Itri <[EMAIL PROTECTED]> (supplier of updated tcp-wrappers package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 8 Jan 2007 01:37:59 +0100
Source: tcp-wrappers
Binary: libwrap0 tcpd libwrap0-dev
Architecture: source i386
Version: 7.6.dbs-12
Distribution: unstable
Urgency: high
Maintainer: Anthony Towns <[EMAIL PROTECTED]>
Changed-By: Marco d'Itri <[EMAIL PROTECTED]>
Description:
libwrap0 - Wietse Venema's TCP wrappers library
libwrap0-dev - Wietse Venema's TCP wrappers library, development files
tcpd - Wietse Venema's TCP wrapper utilities
Closes: 393514 401908 405342
Changes:
tcp-wrappers (7.6.dbs-12) unstable; urgency=high
.
* Fixed the match_port patch to not break matching on daemon names in
a corner case (when request->server->sin has not been initialised by
the caller). Patch courtesy of Janusz Krzysztofik. (Closes: #405342)
* New debconf translations: ro, es. (Closes: #393514, #401908)
Files:
d334a563c743885941d85729b733cb4a 682 net important tcp-wrappers_7.6.dbs-12.dsc
03d2ee40fceb4f0e3ad7a9a04b7e0156 54362 net important
tcp-wrappers_7.6.dbs-12.diff.gz
1e1f302f25795c0c3b5aa48d782f953d 78080 net important tcpd_7.6.dbs-12_i386.deb
22931f3edabc079ebcc724890cdbe6c8 28730 libs important
libwrap0_7.6.dbs-12_i386.deb
c54cf9ad37423f46c25f82a5bc6a90b2 34380 libdevel optional
libwrap0-dev_7.6.dbs-12_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFoZZVFGfw2OHuP7ERAu7UAJ9wc+yUC6U7AAGS5E/K02+VIUXF5QCeI4l1
zqB4gQj/XL1smKBMXtzHKV0=
=uD6d
-----END PGP SIGNATURE-----
--- End Message ---
