Your message dated Tue, 30 Jun 2009 09:32:53 +0000
with message-id <[email protected]>
and subject line Bug#510126: fixed in denyhosts 2.6-6
has caused the Debian Bug report #510126,
regarding denyhosts: Creates the sync-received and sync-timestamp world-writable
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
510126: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510126
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: denyhosts
Version: 2.6-5
Severity: normal

In a fit of perhaps unadvised pique, I nuked /var/lib/denyhosts/* to try to
reset it after an authentication problem caused a lot of valid hosts to be
blocked.  I just discovered that the sync-received and sync-timestamp files
were recreated world-writable:

-rw-rw-rw-  1 root root 111611 2008-12-29 09:41 sync-received
-rw-rw-rw-  1 root root     10 2008-12-29 09:41 sync-timestamp

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages denyhosts depends on:
ii  lsb-base                      3.2-20     Linux Standard Base 3.2 init scrip
ii  python                        2.5.2-3    An interactive high-level object-o
ii  python-central                0.6.8      register and build utility for Pyt

denyhosts recommends no packages.

denyhosts suggests no packages.

-- no debconf information



--- End Message ---
--- Begin Message ---
Source: denyhosts
Source-Version: 2.6-6

We believe that the bug you reported is fixed in the latest version of
denyhosts, which is due to be installed in the Debian FTP archive:

denyhosts_2.6-6.diff.gz
  to pool/main/d/denyhosts/denyhosts_2.6-6.diff.gz
denyhosts_2.6-6.dsc
  to pool/main/d/denyhosts/denyhosts_2.6-6.dsc
denyhosts_2.6-6_all.deb
  to pool/main/d/denyhosts/denyhosts_2.6-6_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marco Bertorello <[email protected]> (supplier of updated denyhosts 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 03 Jan 2009 15:02:11 +0000
Source: denyhosts
Binary: denyhosts
Architecture: source all
Version: 2.6-6
Distribution: unstable
Urgency: low
Maintainer: Marco Bertorello <[email protected]>
Changed-By: Marco Bertorello <[email protected]>
Description: 
 denyhosts  - a utility to help sys admins thwart SSH crackers
Closes: 431301 459808 507494 508504 510126 516068 518337
Changes: 
 denyhosts (2.6-6) unstable; urgency=low
 .
   * fixed wrong warns in init script. Thanks to Marco Rodrigues
     <[email protected]> (Closes: 518337)
   * introduced a patch to create the sync-timestamp file if doesn't exist.
     Thanks to Marco Rodrigues <[email protected]> (Closes: 508504, 510126)
   * fixed import from _future_ module in dh_reenable (Closes: 507494)
   * applied useful patch from Mathieu Goutelle <[email protected]>
     for correct a regexp issue (Closes: 459808)
   * changed group owner for logfiles to adm (Closes: 431301)
   * added some information in manpage that describe the default running mode
     in debian. Thanks to Ben Crowell <[email protected]>
   * capitalized ssh in short and extended description (Closes: 516068)
Checksums-Sha1: 
 9ec19545f6d7df7157b8544b894cd498cfeb7a24 1084 denyhosts_2.6-6.dsc
 6471786fb3661099e596592f5ada29b4c826c05e 37735 denyhosts_2.6-6.diff.gz
 a8c7098cd8e39de03753a29b9bf901e4e11b9a95 66664 denyhosts_2.6-6_all.deb
Checksums-Sha256: 
 16e1ec02292632ff6b309fb8439669e20c5f118b2cdbf71455c7cf4aa3e618cb 1084 
denyhosts_2.6-6.dsc
 a7c317311a85d1a05bda7e8b038eae50fb05164a9b34df0878c63d84a6df2e89 37735 
denyhosts_2.6-6.diff.gz
 9a8a218dca707962031b1d346c437efe242ff87aae4ec11bc64611739380048e 66664 
denyhosts_2.6-6_all.deb
Files: 
 23201902a071c786f014171b26ab80c5 1084 net optional denyhosts_2.6-6.dsc
 69f5bda01cce1537bbae3dc02056b674 37735 net optional denyhosts_2.6-6.diff.gz
 8715e18ac23324fd05dbfa21341d9764 66664 net optional denyhosts_2.6-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpJ2lEACgkQaGRzDfCV5eQwqQCfTaFXHmZXMXJfm4+wVQtzlXzr
AFkAn0evMEetHE3DeoljKtBW1u7kLLiL
=eDbW
-----END PGP SIGNATURE-----



--- End Message ---

Reply via email to