Your message dated Sat, 15 Nov 2008 05:32:04 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#464174: fixed in twiki 1:4.1.2-5 has caused the Debian Bug report #464174, regarding twiki: intranet group/user names containing - mess up authz to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 464174: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464174 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: twiki Version: 1:4.0.5-9.1 Severity: normal Tags: patch Whenever using TWiki with "intranet" users/groups, user/group names containing "-" character will lead to bad parsing of ALLOW/DENY directives lists. For example : Set ALLOWTOPICVIEW = groupone, group-two, groupthree Here only members of groupone will be recognized. The guilty one is a regexp in TWiki/Users.pm in expandUserList which should be changed from : $names =~ s/\s*([$TWiki::regex{mixedAlphaNum}_\.\,\s\%]*)\s*(.*)/$1/go; to: $names =~ s/\s*([$TWiki::regex{mixedAlphaNum}_\-\.\,\s\%]*)\s*(.*)/$1/go; Hope this helps, -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.21-2-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages twiki depends on: ii apache2.2-common 2.2.3-4+etch3 Next generation, scalable, extenda ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy ii libalgorithm-diff-perl 1.19.01-2 a perl library for finding Longest ii libcgi-session-perl 4.14-1 Persistent session data in CGI app ii libdigest-sha1-perl 2.11-1 NIST SHA-1 message digest algorith ii liberror-perl 0.15-8 Perl module for error/exception ha ii libhtml-parser-perl 3.55-1 A collection of modules that parse ii liblocale-maketext-lexicon 0.62-1 Lexicon-handling backends for "Loc ii libtext-diff-perl 0.35-2 Perform diffs on files and record ii liburi-perl 1.35-2 Manipulates and accesses URI strin ii perl [libmime-base64-perl] 5.8.8-7etch1 Larry Wall's Practical Extraction ii perl-modules [libnet-perl] 5.8.8-7etch1 Core Perl modules ii rcs 5.7-18 The GNU Revision Control System twiki recommends no packages. -- debconf information: * twiki/samplefiles: true * twiki/wikiwebmaster: [EMAIL PROTECTED] * twiki/defaultUrlHost: https://picoforge.int-evry.fr/ * twiki/apacheUserCreationNote:
--- End Message ---
--- Begin Message ---Source: twiki Source-Version: 1:4.1.2-5 We believe that the bug you reported is fixed in the latest version of twiki, which is due to be installed in the Debian FTP archive: twiki_4.1.2-5.diff.gz to pool/main/t/twiki/twiki_4.1.2-5.diff.gz twiki_4.1.2-5.dsc to pool/main/t/twiki/twiki_4.1.2-5.dsc twiki_4.1.2-5_all.deb to pool/main/t/twiki/twiki_4.1.2-5_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sven Dowideit <[EMAIL PROTECTED]> (supplier of updated twiki package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 12 Nov 2008 09:53:40 +0100 Source: twiki Binary: twiki Architecture: source all Version: 1:4.1.2-5 Distribution: unstable Urgency: emergency Maintainer: Sven Dowideit <[EMAIL PROTECTED]> Changed-By: Sven Dowideit <[EMAIL PROTECTED]> Description: twiki - A Web Based Collaboration Platform Closes: 464174 468159 472274 482321 492648 499534 502958 Changes: twiki (1:4.1.2-5) unstable; urgency=emergency . * fix TemplateLogin passthrough sysopen (Closes: #468159) * Arbitrary Code Execution in Configure Script (CVE-2008-3195) - Closes: #499534 * allow '-' for user & groupnames (Closes: #464174) * update Swedish strings for twiki debconf (Closes: #492648) * patch comments.tmpl to fix Comment plugin definitions (Closes: #502958) * remove optional mod-perl dependencies as it does not work yet - Closes: #482321 * remove "uninitialized value" errors in TWiki.pm (Closes: #472274) Checksums-Sha1: 52138473216a395aa8dd230a72be58bf289602e7 1074 twiki_4.1.2-5.dsc 4788b36921eb5400f8df872a15cee9686b6a0e63 53787 twiki_4.1.2-5.diff.gz 9daa5de6763de8da863d53c73af7c00087af930d 4687694 twiki_4.1.2-5_all.deb Checksums-Sha256: 0de15d9009f62043c51b5cbf95d297360959457578bd75bd1fd6942a20798783 1074 twiki_4.1.2-5.dsc 3c878a99ed1dd3e9e8ac24d157cbb48b7c499e2482e6260e7d5fea90132203fb 53787 twiki_4.1.2-5.diff.gz 5367ed98ff6a7757747b10de890379785a3a3486861749648a6e34dc9351e477 4687694 twiki_4.1.2-5_all.deb Files: d79475d13d121d3b9ca4b3270e561880 1074 web optional twiki_4.1.2-5.dsc 467036ec6ac184a356642ad12ee6986c 53787 web optional twiki_4.1.2-5.diff.gz f8f17eee808bf6b5758437f28a57b589 4687694 web optional twiki_4.1.2-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQCVAwUBSR5bwT6XMRfcxSjpAQI/tQP/W1DkWdg8DpA4xliuxAICINB5D/hQL2Ek 1WI0J3jTSgckYb8q1VfZY3jaqk08r+e2NBb/469pBQd4Vuydf9eWPRFN+VN0lv7R /8xoj39F1cd57pOaj2cBHMnR7+6V5weHJOYWU81zeuFTNcrXE1nrp8DV0+h2RhM/ CCdaLvLtOik= =kEhN -----END PGP SIGNATURE-----
--- End Message ---
