Your message dated Sun, 06 Jul 2008 13:47:17 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#387721: fixed in tinyproxy 1.6.3-3.2
has caused the Debian Bug report #387721,
regarding tinyproxy: Should not grant non-localhost access by default
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
387721: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=387721
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: tinyproxy
Version: 1.6.3-2
Severity: normal
Hi,
I noticed the default configuration file grants access to a local
network by default:
| Allow 192.168.1.0/25
Although this is much better than allow access from anywhere this still
can be abused cause harm and confusion in appropriate networks. Please
comment that line out.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.13
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)
Versions of packages tinyproxy depends on:
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
ii logrotate 3.7.1-3 Log rotation utility
tinyproxy recommends no packages.
-- no debconf information
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: tinyproxy
Source-Version: 1.6.3-3.2
We believe that the bug you reported is fixed in the latest version of
tinyproxy, which is due to be installed in the Debian FTP archive:
tinyproxy_1.6.3-3.2.diff.gz
to pool/main/t/tinyproxy/tinyproxy_1.6.3-3.2.diff.gz
tinyproxy_1.6.3-3.2.dsc
to pool/main/t/tinyproxy/tinyproxy_1.6.3-3.2.dsc
tinyproxy_1.6.3-3.2_i386.deb
to pool/main/t/tinyproxy/tinyproxy_1.6.3-3.2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jordi Mallach <[EMAIL PROTECTED]> (supplier of updated tinyproxy package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 04 Jul 2008 17:06:00 +0200
Source: tinyproxy
Binary: tinyproxy
Architecture: source i386
Version: 1.6.3-3.2
Distribution: unstable
Urgency: low
Maintainer: Ed Boraas <[EMAIL PROTECTED]>
Changed-By: Jordi Mallach <[EMAIL PROTECTED]>
Description:
tinyproxy - A lightweight, non-caching, optionally anonymizing http proxy
Closes: 369787 387721 393236 400931 417338
Changes:
tinyproxy (1.6.3-3.2) unstable; urgency=low
.
* Non-maintainer upload.
* Note the Debian revision has been bumped to -3.2 instead of -2.2 to
ease Ubuntu synchronisation, as they mistakenly uploaded -3 some time ago.
* Bump debhelper requirement to 7 and add quilt to Build-Depends.
* Move to debhelper compat level 7.
* Cleanup rules a bit for debhelper v7.
* Move patches to upstream code to log_format_string_fix.patch,
scanner_debug_removal.patch and 99_autoreconf.patch.
* Remove apparently old and unused patches debian/logfile.patch and
debian/dfree-[1-4].patch.
* Make logrotate script restart tinyproxy only if it appears to be
running (closes: #369787). A better fix would be to improve the init
script adding a "try-restart" option, though.
* Apply patch from Christoph Biedl to allow tinyproxy to remove its pidfile
when shutting down, so the logrotate change actually works. This changes
the pidfile location to /var/run/tinyproxy.
* Add "Short-Description" and "Description" headers to the init script.
* Fix a typo in debian/rules so config.log gets removed on clean.
* Remove libtool and doc/report.sh on clean, and fix the rule as suggested
by lintian.
* Copy upstream's default conffile as debian/tinyproxy.conf and install
that one in the package.
* Disable non-localhost access by default, while adding commented entries
for all private network ranges (closes: #387721, #393236).
* Install example configuration file in /usr/share/doc/tinyproxy/examples.
* Remove obsolete debian/conffiles.
* Fix reference to conffile location in README.Debian (closes: #417338).
* Pass --enable-filter --enable-transparent-proxy --enable-upstream
to configure to explicitly enable some missing features.
(closes: #400931, LP #42598).
* Add doc/filter-howto.txt to installed documentation.
* Remove postinst and prerm script, which were used to fix an upgrade bug
6 years ago.
* Update upstream url in debian/copyright, and add a Homepage field to
debian/control.
* Extend copyright so it contains all the required information.
* Add a Debian.source document with notes about quilt usage to obtain
patched code.
* Add a watch file.
* Bump Standards-Version to 3.8.0.
Checksums-Sha1:
db3953d0d01f03ae2daa445e8d7c7ffc25f74bff 1034 tinyproxy_1.6.3-3.2.dsc
9b10b0b25700c75cf0571b939dde2c4b4c428f18 317611 tinyproxy_1.6.3-3.2.diff.gz
d2ee15df30767badab7e894203b06524d4eeaf3a 70178 tinyproxy_1.6.3-3.2_i386.deb
Checksums-Sha256:
a3b4fd3563ef319e9178ed9d43fa7f2bacf4a734fb7e6554d26cc3e45e9079df 1034
tinyproxy_1.6.3-3.2.dsc
0898203a7616a505693b6705656e09ad8d607c9afc527ec0b6ecfbb2e83dd107 317611
tinyproxy_1.6.3-3.2.diff.gz
f3dd70057caf7900127f1e0cbf1f3c37b880dc8caf60aa815ee29f00b85cfebf 70178
tinyproxy_1.6.3-3.2_i386.deb
Files:
ac504d7c21521d1b32dd3c793a1e3029 1034 net optional tinyproxy_1.6.3-3.2.dsc
758a3fff1cd6bd88f20c481c8eef4a36 317611 net optional
tinyproxy_1.6.3-3.2.diff.gz
b58195ffeabd6d6f2c46e97a2156023c 70178 net optional
tinyproxy_1.6.3-3.2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkhwyQYACgkQJYSUupF6Il5vAwCfaLueCiMAjtW3U+DC8Q6b4/xS
q3wAniBMLwcyIXXO1VY3RRY5BuntOiE6
=Wtio
-----END PGP SIGNATURE-----
--- End Message ---
