Your message dated Sat, 10 Mar 2007 20:32:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#413709: fixed in squid 2.6.5-5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: squid
Version: 2.6.5-4
Severity: serious
Squid "breaks" debsums:
debsums: can't open squid file /usr/lib/squid/pam_auth (Permission denied)
debsums: can't open squid file /usr/lib/squid/getpwnam_auth (Permission
denied)
Those files are setgid group shadow and thus it makes sense that
they are not executable by "others". However, that doesn't mean they
cannot be readable. Section 10.9. of the policy says:
Some setuid programs need to be restricted to particular sets of
users, using file permissions. In this case they should be owned
by the uid to which they are set-id, and by the group which should
be allowed to execute them. They should have mode 4754; again
there is no point in making them unreadable to those users who
must not be allowed to execute them.
I filed this as RC because the policy covers the case. I don't
really think it's that critical, so please downgrade if you wish. Or
just upload a quick fix (or tell me to NMU it).
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (750, 'unstable'), (500, 'testing'), (250, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages squid depends on:
ii adduser 3.102 Add and remove users and groups
ii coreutils 5.97-5.3 The GNU core utilities
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libdb4.4 4.4.20-8 Berkeley v4.4 Database Libraries [
ii libldap2 2.1.30-13.3 OpenLDAP libraries
ii libpam0g 0.79-4 Pluggable Authentication Modules l
ii logrotate 3.7.1-3 Log rotation utility
ii lsb-base 3.1-23 Linux Standard Base 3.1 init scrip
ii netbase 4.29 Basic TCP/IP networking system
ii squid-common 2.6.5-4 Internet Object Cache (WWW proxy c
squid recommends no packages.
-- debconf information excluded
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
signature.asc
Description: Digital signature (GPG/PGP)
--- End Message ---
--- Begin Message ---
Source: squid
Source-Version: 2.6.5-5
We believe that the bug you reported is fixed in the latest version of
squid, which is due to be installed in the Debian FTP archive:
squid-cgi_2.6.5-5_sparc.deb
to pool/main/s/squid/squid-cgi_2.6.5-5_sparc.deb
squid-common_2.6.5-5_all.deb
to pool/main/s/squid/squid-common_2.6.5-5_all.deb
squid_2.6.5-5.diff.gz
to pool/main/s/squid/squid_2.6.5-5.diff.gz
squid_2.6.5-5.dsc
to pool/main/s/squid/squid_2.6.5-5.dsc
squid_2.6.5-5_sparc.deb
to pool/main/s/squid/squid_2.6.5-5_sparc.deb
squidclient_2.6.5-5_sparc.deb
to pool/main/s/squid/squidclient_2.6.5-5_sparc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Luigi Gangitano <[EMAIL PROTECTED]> (supplier of updated squid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 10 Mar 2007 20:01:12 +0100
Source: squid
Binary: squid squid-cgi squidclient squid-common
Architecture: source sparc all
Version: 2.6.5-5
Distribution: unstable
Urgency: low
Maintainer: Luigi Gangitano <[EMAIL PROTECTED]>
Changed-By: Luigi Gangitano <[EMAIL PROTECTED]>
Description:
squid - Internet Object Cache (WWW proxy cache)
squid-cgi - Squid cache manager CGI program
squid-common - Internet Object Cache (WWW proxy cache) - common file
squidclient - Command line URL extractor that talks to (a) squid
Closes: 411829 413709
Changes:
squid (2.6.5-5) unstable; urgency=low
.
* debian/rules
- Fixed permissions of /usr/lib/squid +s files (Closes: #413709)
.
* debian/po/gl.po
- Added Galician debconf translation (Thanks to Jacobo Tarrio)
(Closes: #411829)
Files:
9b7de4f453503dd6012d0cf8c4908dfc 659 web optional squid_2.6.5-5.dsc
5d6c990f3f79bf82b1f7f4018f60e4e0 270926 web optional squid_2.6.5-5.diff.gz
dfa54b0c33a630c31fc1c0b8771e92a5 438454 web optional
squid-common_2.6.5-5_all.deb
dfd306100c40b7eaa3b53af13ba6d9b0 666852 web optional squid_2.6.5-5_sparc.deb
a62b8bafe7f2f3fc7fd0306a6829cb29 86086 web optional
squidclient_2.6.5-5_sparc.deb
e237d2b54126806899a60540f2455a11 115980 web optional
squid-cgi_2.6.5-5_sparc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF8wnV8ZumGJJMDCYRAoy2AJ9vdIISJRINhfQt2bIndp2rVDKDYgCaAzXp
z4iVdBsAUpNz/+0oTvt8cUk=
=hsMJ
-----END PGP SIGNATURE-----
--- End Message ---
