Your message dated Tue, 01 May 2007 21:32:04 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#421728: fixed in seahorse 1.0.1-3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: seahorse Version: 1.0.1-2 Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On my system, the check for a non-root user's ability to call mlock fails. The error is: "conftest.c:49: warning: incompatible implicit declaration of built-in function 'printf'". This is fixed by the following patch: - --- seahorse-1.0.1/acinclude.m4 2007-03-19 04:09:25.000000000 +0000 +++ seahorse-1.0.1+printf/acinclude.m4 2007-05-01 09:55:43.000000000 +0100 @@ -53,6 +53,7 @@ #include <sys/mman.h> #include <sys/types.h> #include <fcntl.h> + #include <stdio.h> int main () { long int pgsize = getpagesize (); However the test still fails but ONLY when run from the configure script! If I run it manually: $ gdb ./mlock Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1". (gdb) break main Breakpoint 1 at 0x8048465: file mlock.c, line 38. (gdb) run Starting program: /tmp/x/mlock Failed to read a valid object file image from memory. Breakpoint 1, main () at mlock.c:38 38 long int pgsize = getpagesize (); (gdb) next 39 char *pool = malloc (4096 + pgsize); (gdb) print pgsize $1 = 4096 (gdb) next 40 if (!pool) (gdb) next 42 pool += (pgsize - ((long int)pool % pgsize)); (gdb) next 43 if (mlock (pool, 4096) < 0) { (gdb) next 49 if (geteuid () == 0) { (gdb) next 53 return 0; (gdb) next 54 } (gdb) next 0xb7e66878 in __libc_start_main () from /lib/i686/cmov/libc.so.6 ... it succeeds. The result is that the seahorse-agent ends up in an insecure configuration that does not prevent its key material from being swapped to disk. - -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages seahorse depends on: ii gconf2 2.16.1-1 GNOME configuration database syste ii libart-2.0-2 2.3.19-3 Library of functions for 2D graphi ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit ii libavahi-client3 0.6.16-5 Avahi client library ii libavahi-common3 0.6.16-5 Avahi common library ii libavahi-glib1 0.6.16-5 Avahi glib integration library ii libbonobo2-0 2.18.0-2 Bonobo CORBA interfaces library ii libbonoboui2-0 2.18.0-5 The Bonobo UI library ii libc6 2.5-4 GNU C Library: Shared libraries ii libcairo2 1.4.4-1 The Cairo 2D vector graphics libra ii libdbus-1-3 1.0.2-1 simple interprocess messaging syst ii libdbus-glib-1-2 0.73-2 simple interprocess messaging syst ii libfontconfig1 2.4.2-1.2 generic font configuration library ii libgcc1 1:4.1.2-5 GCC support library ii libgconf2-4 2.16.1-1 GNOME configuration database syste ii libglade2-0 1:2.6.0-4 library to load .glade files at ru ii libglib2.0-0 2.12.11-3 The GLib library of C routines ii libgnome-keyring0 0.8.1-2 GNOME keyring services library ii libgnome2-0 2.18.0-4 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.14.0-2 A powerful object-oriented display ii libgnomeprint2.2-0 2.18.0-2 The GNOME 2.2 print architecture - ii libgnomeprintui2.2-0 2.18.0-2 GNOME 2.2 print architecture User ii libgnomeui-0 2.18.1-2 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.18.1-1 GNOME Virtual File System (runtime ii libgnutls13 1.6.2-1 the GNU TLS library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libgpgme11 1.1.2-5 GPGME - GnuPG Made Easy ii libgtk2.0-0 2.10.11-2 The GTK+ graphical user interface ii libgtksourceview1.0-0 1.8.5-1 shared libraries for the GTK+ synt ii libice6 1:1.0.3-2 X11 Inter-Client Exchange library ii libldap2 2.1.30-13.4 OpenLDAP libraries ii libnautilus-extension1 2.18.1-1 libraries for nautilus components ii libnotify1 [libnotify1-gtk 0.4.4-3 sends desktop notifications to a n ii libnspr4-0d 1.8.0.11-2 NetScape Portable Runtime Library ii liborbit2 1:2.14.7-0.2 libraries for ORBit2 - a CORBA ORB ii libpanel-applet2-0 2.18.1-1+b1 library for GNOME 2 panel applets ii libpango1.0-0 1.16.2-2 Layout and rendering of internatio ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libsm6 1:1.0.2-2 X11 Session Management library ii libsoup2.2-8 2.2.100-1 an HTTP library implementation in ii libx11-6 2:1.0.3-7 X11 client-side library ii libxcursor1 1.1.7-4 X cursor management library ii libxext6 1:1.0.1-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.1-5 X11 miscellaneous 'fixes' extensio ii libxi6 1:1.0.1-4 X11 Input extension library ii libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library ii libxml2 2.6.28.dfsg-1 GNOME XML library ii libxrandr2 2:1.2.1-1 X11 RandR extension library ii libxrender1 1:0.9.1-3 X Rendering Extension client libra ii libxul0d 1.8.0.11-2 Gecko engine library ii zlib1g 1:1.2.3-13 compression library - runtime Versions of packages seahorse recommends: ii openssh-client 1:4.3p2-9 Secure shell client, an rlogin/rsh - -- debconf information: * seahorse/SUID: true -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGNwN8shl/216gEHgRAjOiAJ4saQLbdecJaPAwSqhGhQwshLeodwCfbZrq /N7zAVjyl1kRw0tfHK8v/0A= =CRj8 -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: seahorse Source-Version: 1.0.1-3 We believe that the bug you reported is fixed in the latest version of seahorse, which is due to be installed in the Debian FTP archive: seahorse_1.0.1-3.diff.gz to pool/main/s/seahorse/seahorse_1.0.1-3.diff.gz seahorse_1.0.1-3.dsc to pool/main/s/seahorse/seahorse_1.0.1-3.dsc seahorse_1.0.1-3_i386.deb to pool/main/s/seahorse/seahorse_1.0.1-3_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Dröge <[EMAIL PROTECTED]> (supplier of updated seahorse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 1 May 2007 22:59:05 +0200 Source: seahorse Binary: seahorse Architecture: source i386 Version: 1.0.1-3 Distribution: unstable Urgency: low Maintainer: Jose Carlos Garcia Sogo <[EMAIL PROTECTED]> Changed-By: Sebastian Dröge <[EMAIL PROTECTED]> Description: seahorse - A Gnome front end for GnuPG Closes: 421666 421728 Changes: seahorse (1.0.1-3) unstable; urgency=low . * debian/patches/2_mlock.dpatch: + Fix the mlock() check. It failed whenever called as root or with fakeroot although we support mlock() as normal user (Closes: #421728). * debian/patches/3_setuid.dpatch: + Run chmod u+s on the correct binary (Closes: #421666). * debian/patches/10_relibtoolize.dpatch: + Regenerated for the above changes. Files: 430a10eb793d24cb16ff2a35d5f30651 1135 gnome optional seahorse_1.0.1-3.dsc 229fa2c6dcee018e18fb2ade97825201 55071 gnome optional seahorse_1.0.1-3.diff.gz 73e994fd3a7121b544b880387946e26d 3764254 gnome optional seahorse_1.0.1-3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGN68RBsBdh1vkHyERAgGgAJ0TnVkL8M/0uWyYbJXclsMOE87cUACeJD3N z+T0TTtasF5u1O0GlzEuBoU= =zmls -----END PGP SIGNATURE-----
--- End Message ---
