Your message dated Fri, 23 Feb 2007 21:02:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#407322: fixed in nessus-core 2.2.8-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: nessusd
Version: 2.2.8-1
Severity: important
If a user enters 'Y' to install the package maintainers version of
nessusd.conf, the upgrade will fail. It fails, because the
package maintainer's version of nessusd.conf does not contain any
line matching /^ca_file=/ - the config file has not set up a
certificate authority. It then fails during "/etc/init.d/nessusd start"
Now on a fresh install, nessusd.postinst checks for -f of
/var/lib/nessus/CA/cacert.pem and /var/lib/nessus/CA/servercert.pem
and if either of them does not exist, nessus_mkcert is called and so
the /^ca_file/ line is appended to nessusd.conf.
But when the user requests installion of the package maintainer's
version of nessusd.conf, this sequence of events takes place:
* the file /var/lib/nessus/CA/cacert.pem exists, and therefore
nessus_mkcert is not run
* nessusd.conf is not modified
* "/etc/init.d/nessusd start" therefore fails
* "apt-get dist-upgrade" therefore fails
Summar summarum: When asked which version of nessusd.conf to keep,
keeping the current (valid) one is the only choice that doesn't break.
I was expecting that choosing the package maintainers version of a
config file should always be a valid choice. This assumption leads
me to call this an important bug. If that is not valid, perhaps
the severity should be less.
-- System Information:
Debian Release: 4.0
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.lyta
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages nessusd depends on:
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
ii libnasl2 2.2.8-1 Nessus Attack Scripting Language,
ii libnessus2 2.2.8-2 Nessus shared libraries
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii libwrap0 7.6.dbs-11 Wietse Venema's TCP wrappers libra
ii nessus-plugins 2.2.8-1 Nessus plugins
ii openssl 0.9.8c-4 Secure Socket Layer (SSL) binary a
nessusd recommends no packages.
-- debconf information:
* nessusd/province: None
* nessusd/country: US
* nessusd/srvlifetime: 3650
* nessusd/certificate:
* nessusd/location: Copenhagen
* nessusd/organization: CapMon
* nessusd/califetime: 1460
--- End Message ---
--- Begin Message ---
Source: nessus-core
Source-Version: 2.2.8-3
We believe that the bug you reported is fixed in the latest version of
nessus-core, which is due to be installed in the Debian FTP archive:
nessus-core_2.2.8-3.diff.gz
to pool/main/n/nessus-core/nessus-core_2.2.8-3.diff.gz
nessus-core_2.2.8-3.dsc
to pool/main/n/nessus-core/nessus-core_2.2.8-3.dsc
nessus-dev_2.2.8-3_all.deb
to pool/main/n/nessus-core/nessus-dev_2.2.8-3_all.deb
nessus_2.2.8-3_i386.deb
to pool/main/n/nessus-core/nessus_2.2.8-3_i386.deb
nessusd_2.2.8-3_i386.deb
to pool/main/n/nessus-core/nessusd_2.2.8-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated
nessus-core package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 23 Feb 2007 19:50:26 +0100
Source: nessus-core
Binary: nessus nessusd nessus-dev
Architecture: source all i386
Version: 2.2.8-3
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description:
nessus - Remote network security auditor, the client
nessus-dev - Nessus development header files
nessusd - Remote network security auditor, the server
Closes: 355745 376267 383479 398872 407322
Changes:
nessus-core (2.2.8-3) unstable; urgency=low
.
* Add the ca_file definitions in postinst if the CA certificate exist but
the value is not present in nessusd.conf. This prevents breakage when
users sleect maintainers version of nessusd.conf when prompted by dpkg.
This still needs to be improved (by changing nessusd to handled 'include's
in the
configuration files) since the current situation forces dpkg prompts
on upgrades. (Closes: #407322)
* Document how to add the nessusd script so that it can be used to startup
Nessus when the system boots (Closes: #383479)
* Remove the Nessus server certificates (if present) on purge (Closes:
#355745)
[ l10n changes ]
* Added German translation provided by Matthias Julius (Closes: #398872)
* Fixed es.po file (was missing the MIME header)
* Remove the wrong encodings in the desktop file (Closes: #376267)
* Add a Spanish translation to the desktop file too.
Files:
2e187bff761b436b223ee24779de45b1 932 admin optional nessus-core_2.2.8-3.dsc
c50da980746739ef3e981cc1f3b09434 99562 admin optional
nessus-core_2.2.8-3.diff.gz
456f7f3c4e2be707b269d6aa8e2461c0 38420 devel optional
nessus-dev_2.2.8-3_all.deb
da9374b34567ebffa475b2572b24b73b 231378 admin optional nessus_2.2.8-3_i386.deb
b7d572785fbc0a3f133162d1bccc5d32 207730 admin optional nessusd_2.2.8-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQCVAwUBRd9SdftEPvakNq0lAQINrQP+MjuO4zdvRL/90wZdaS8tUnJlXvBlm7UE
ud4S+lc9ssqfhRv4/HZYRUqStex66RhZxoBHVatHmmuAsylxXUKvQUbkN/OskEy+
+RLbnMhxgpaCxOM1thSZOFx/ILzBEQrsubJFB9xnK6BFwVa+TTn6d1xKRKmC2YMp
jGrI6Q7dwOw=
=szfk
-----END PGP SIGNATURE-----
--- End Message ---
