Your message dated Fri, 12 Feb 2010 06:17:09 +0000
with message-id <[email protected]>
and subject line Bug#547014: fixed in bsd-finger 0.17-14
has caused the Debian Bug report #547014,
regarding /usr/bin/finger: finger segfaults when /etc/passwd has netgroup entry
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
547014: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547014
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: finger
Version: 0.17-12
Severity: normal
File: /usr/bin/finger
Tags: patch
finger segfaults when it comes across a netgroup entry in /etc/passwd. A
netgroup entry doesn't include many of the fields in a normal passwd entry, so
pw->pw_gecos is set to NULL, which causes finger to core dump.
Here is part of a /etc/passwd file with a netgroup entry:
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+...@operator
This patch sidesteps what finger considers a malformed passwd entry:
diff -r bsd-finger-0.17/finger/util.c my.bsd-finger-0.17/finger/util.c
182a183
> if (pw->pw_gecos == NULL) return rv;
-- System Information:
Debian Release: 5.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=ANSI_X3.4-1968)
(ignored: LC_ALL set to C)
Shell: /bin/sh linked to /bin/bash
Versions of packages finger depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
finger recommends no packages.
finger suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: bsd-finger
Source-Version: 0.17-14
We believe that the bug you reported is fixed in the latest version of
bsd-finger, which is due to be installed in the Debian FTP archive:
bsd-finger_0.17-14.debian.tar.bz2
to main/b/bsd-finger/bsd-finger_0.17-14.debian.tar.bz2
bsd-finger_0.17-14.dsc
to main/b/bsd-finger/bsd-finger_0.17-14.dsc
finger_0.17-14_amd64.deb
to main/b/bsd-finger/finger_0.17-14_amd64.deb
fingerd_0.17-14_amd64.deb
to main/b/bsd-finger/fingerd_0.17-14_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[email protected]> (supplier of updated bsd-finger
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 12 Feb 2010 14:49:23 +1100
Source: bsd-finger
Binary: finger fingerd
Architecture: source amd64
Version: 0.17-14
Distribution: unstable
Urgency: low
Maintainer: Anibal Monsalve Salazar <[email protected]>
Changed-By: Anibal Monsalve Salazar <[email protected]>
Description:
finger - user information lookup program
fingerd - remote user information server
Closes: 468454 547014
Changes:
bsd-finger (0.17-14) unstable; urgency=low
.
[ Mats Erik Andersson <[email protected]> ]
* Implement IPv6-support
Add 03-468454-fingerd-ipv6.patch
Add 04-468454-finger-ipv6.patch
Closes: 468454
* debian/fingerd.examples: Add debian/local/finger.xinetd
.
[ Anibal Monsalve Salazar ]
* Don't segfault when /etc/passwd has netgroup entry
Add 05-547014-netgroup.patch
Patch by Matthew A. Dunford
Closes: 547014
* Debian source format is 3.0 (quilt)
* Fix out-of-date-standards-version
* Fix maintainer-script-without-set-e
Checksums-Sha1:
ce883060fa1bf48436db27fcd284ae01937abf49 1653 bsd-finger_0.17-14.dsc
50b248bee925e80b9ce49c320709c79255bcc471 10389
bsd-finger_0.17-14.debian.tar.bz2
757c5a7a4850c862c15a7b22ac3f53ceb96c17ec 19278 finger_0.17-14_amd64.deb
b36bd08c92c9420388110cfad3c4ee0776c8c0b3 13318 fingerd_0.17-14_amd64.deb
Checksums-Sha256:
450b7fa638f8793ccfde25daba1edadce4373128e8492865e174b91453c9aadb 1653
bsd-finger_0.17-14.dsc
e3c09ee5d318abf7a1b548032fc3b3773df995c3f650a46b16b02d502aa14774 10389
bsd-finger_0.17-14.debian.tar.bz2
8447fb97dda9cfd886261bf4ee294ca991f90a643ba999f6a3e05c369c5f4509 19278
finger_0.17-14_amd64.deb
d0a410c5ca933c9c8af006722f31d5e20626c41b113b57935bf332cfb12bc6bc 13318
fingerd_0.17-14_amd64.deb
Files:
e89fd4492abb9538b9ee5e8ba5b8ce62 1653 net optional bsd-finger_0.17-14.dsc
21bf0e0d52d7e186cdc8edceafab99f0 10389 net optional
bsd-finger_0.17-14.debian.tar.bz2
3acbbfea484ba923340ebbbcab8836d1 19278 net optional finger_0.17-14_amd64.deb
ba90bb7f07d7675446902d2a68544dd3 13318 net optional fingerd_0.17-14_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLdO9UAAoJEHxWrP6UeJfYzRkQAMysfPpnKGagOzY7yt+lZQWp
BVCPzTt/fK7iWYYp3q0mdsrIcYmsY0zLG1+ObfZzOHBKf8rOZue/TAbyQUK+3iy4
rOgm60XJC+AmvP+x/poGWSQ+A5fUyVt9LC7a+qla9mDVBoVCuXFjeVnY4MkzDclx
bQKtY5h3CPnXs8+YU1WOVK/u4y9ld/DZxvd6qc63BS7sGTq7Fd6gJN/PFxGgG9KG
0LOgYFVz/VnlaNU0joSAKwic/A7wRtQcRzgmVq6zZr9bU8y2ILSEAA/0KXvQNhWR
6lHR5jeTzbhIXzkI9FSrbDoWgjyITU0FM9Hjj7jLjqk6UNDuynch/dHYfRMoSOr3
gl1ozg3EwLi6FDtTaUqOZMhmu6hla6FU7mVOg0gELLcQj23jMEkz5/g61aUTVnTQ
tRgXtpJJBEtPfFq52br7wMRhrV/tSxMJk7OsbQFnz/WWNSWqR5PzYWjd9/tbtsNp
RUOIeBwVlxjEmW5VyqHa0xOIZ5D7ZSG3TfyXEFrW44K/fvYs9fuZVLFqnCXVzEkC
GB3un1oR+kuKTvAuJ8cqj5QSqNeqJ822tcIl5KalmtzV3Evl9fWpjk1oMHvDsrDB
c6ZTye2X6+o2iqVQkLxCi4345JRAplG2Mnz2LliKDxCg6SGcy2EqBNVpFXlub+dn
Kx9+oKjkCpyZw0owaysZ
=OB2Z
-----END PGP SIGNATURE-----
--- End Message ---
