Bug#579195: marked as done (cat5rancid does not strip snmp community names)

Wed, 02 Mar 2011 15:06:23 -0800 

Your message dated Wed, 02 Mar 2011 23:02:42 +0000
with message-id <[email protected]>
and subject line Bug#579195: fixed in rancid 2.3.6-1
has caused the Debian Bug report #579195,
regarding cat5rancid does not strip snmp community names
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
579195: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579195
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: rancid
Version: 2.3.2-1.1
Severity: normal
Tags: patch


CatOS pads the output of snmp community names in show running-config with
multiple spaces, but the regex for stripping the community names out
only matches on one.

The attached patch fixes this information disclosure problem and has
been forwarded to upstream maintainers already.

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (800, 'stable'), (400, 'testing'), (99, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-6-xen-686 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages rancid depends on:
ii  adduser                 3.110            add and remove users and groups
ii  cvs                     1:1.12.13-12     Concurrent Versions System
ii  debconf [debconf-2.0]   1.5.24           Debian configuration management sy
ii  expect                  5.43.0-17        A program that can automate intera
ii  iputils-ping [ping]     3:20071127-1     Tools to test the reachability of 
ii  libc6                   2.7-18lenny2     GNU C Library: Shared libraries
ii  openssh-client          1:5.1p1-5        secure shell client, an rlogin/rsh
ii  passwd                  1:4.1.1-6+lenny1 change and administer password and
ii  perl                    5.10.0-19lenny2  Larry Wall's Practical Extraction 
ii  ssh                     1:5.1p1-5        secure shell client and server (me
ii  subversion              1.5.1dfsg1-4     Advanced version control system

rancid recommends no packages.

Versions of packages rancid suggests:
ii  diffstat                      1.45-2     produces graph of changes introduc

-- debconf information:
* rancid/warning:
* rancid/go_on: true

--- cat5rancid.orig     2010-04-26 11:22:15.000000000 +0800
+++ cat5rancid  2010-04-26 11:22:28.000000000 +0800
@@ -1000,7 +1000,7 @@
            }
            next;
        }
-       if (/^(set snmp community) (\S+) (\S+)/) {
+       if (/^(set snmp community) (\S+)\s+(\S+)/) {
            if ($filter_commstr) {
                ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $2 
<removed>\n");
            } else {

--- End Message ---
--- Begin Message --- 
Source: rancid
Source-Version: 2.3.6-1

We believe that the bug you reported is fixed in the latest version of
rancid, which is due to be installed in the Debian FTP archive:

rancid-cgi_2.3.6-1_all.deb
  to main/r/rancid/rancid-cgi_2.3.6-1_all.deb
rancid-core_2.3.6-1_all.deb
  to main/r/rancid/rancid-core_2.3.6-1_all.deb
rancid-util_2.3.6-1_all.deb
  to main/r/rancid/rancid-util_2.3.6-1_all.deb
rancid_2.3.6-1.diff.gz
  to main/r/rancid/rancid_2.3.6-1.diff.gz
rancid_2.3.6-1.dsc
  to main/r/rancid/rancid_2.3.6-1.dsc
rancid_2.3.6-1_amd64.deb
  to main/r/rancid/rancid_2.3.6-1_amd64.deb
rancid_2.3.6.orig.tar.gz
  to main/r/rancid/rancid_2.3.6.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Roland Rosenfeld <[email protected]> (supplier of updated rancid package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Wed, 02 Mar 2011 23:45:25 +0100
Source: rancid
Binary: rancid rancid-core rancid-util rancid-cgi
Architecture: source all amd64
Version: 2.3.6-1
Distribution: unstable
Urgency: low
Maintainer: Roland Rosenfeld <[email protected]>
Changed-By: Roland Rosenfeld <[email protected]>
Description: 
 rancid     - Really Awesome New Cisco confIg Differ
 rancid-cgi - looking glass CGI for rancid
 rancid-core - transitional dummy package (rancid-core -> rancid)
 rancid-util - transitional dummy package (rancid-util -> rancid)
Closes: 577111 578842 579195 598783 612366
Changes: 
 rancid (2.3.6-1) unstable; urgency=low
 .
   * New upstream release 2.3.6 (Closes: #612366).
     - This already fixes the CatOS SNMP community issue (Closes: #579195).
     - This already fixes the CatOS localuser password issue (Closes: #578842).
   * Adapt all patches to new version.
   * Remove 10_iosxr, it's now included upstream.
   * Update da.po. Thanks to Joe Dalton <[email protected]> (Closes: #598783).
   * Add debian/source/format 1.0.
   * Update to Standards-Version 3.9.1
     - Change versioned Conflicts to Breaks.
   * 08_hlogin_paging: Gracefully handle errors on ProCurve switches that
     don't support "terminal length 0".  Thanks to Matej Vela
     <[email protected]> (Closes: #577111)
Checksums-Sha1: 
 f91a1d1f848bb0a4d3ea109afeea3fcc63eec26b 1144 rancid_2.3.6-1.dsc
 57b7a7c86a9c30e90e931072f2bcb4e61b00fa46 372436 rancid_2.3.6.orig.tar.gz
 3169215d9ebaa089ab0df433d3fc6ab7921d8cfb 28975 rancid_2.3.6-1.diff.gz
 3ab537a163911b2024107255c08d3232510f68ee 22256 rancid-core_2.3.6-1_all.deb
 6793ee683b9d1ebf7dcf95bb2aa840340aad6900 22258 rancid-util_2.3.6-1_all.deb
 ac19ddcf519a372fec38b3263c99f123ddc7d25e 52678 rancid-cgi_2.3.6-1_all.deb
 0d839419628d374f1ab8d96119df221ec5bfac91 275662 rancid_2.3.6-1_amd64.deb
Checksums-Sha256: 
 5cc5c0ea096a26054a086055c1b13009ae81b7cfe7f00fb82a31ad7ef1171485 1144 
rancid_2.3.6-1.dsc
 d9b963d435fdf9129d80f30f5d28fcc3a2ae3ec52bd5ed598ca8c9abff6395b3 372436 
rancid_2.3.6.orig.tar.gz
 c750a253b57999fe822e89699f2f4049f128aa32bc8de7658926a0c32f3245e1 28975 
rancid_2.3.6-1.diff.gz
 41d693219f2f4c1d2240c9c115304998c477432b640126adfef0dc59437b4861 22256 
rancid-core_2.3.6-1_all.deb
 922a97522bf792800540de3f6aa9877b1285866a98423400c871d33b2797437b 22258 
rancid-util_2.3.6-1_all.deb
 bc850480e7ee0ca1b89b82a4d2ba7fc1c03215f43bef939f8db8b1b4c24fdcda 52678 
rancid-cgi_2.3.6-1_all.deb
 ab6d62d0afe1bf54715c6da44589d2fc6c019482d9fdc7f4b90ade4be0e4bb38 275662 
rancid_2.3.6-1_amd64.deb
Files: 
 0532ffd71c75672ffcd01164cc87cda5 1144 net optional rancid_2.3.6-1.dsc
 603dcc7923b0d34c024490c534362a35 372436 net optional rancid_2.3.6.orig.tar.gz
 a3bbd4acfd1cc8409511d683d12960ad 28975 net optional rancid_2.3.6-1.diff.gz
 79b4d4d30c5b0f8b3076a505687ac514 22256 net optional rancid-core_2.3.6-1_all.deb
 e602601ac8d7c3e12c434e6aa135749d 22258 net optional rancid-util_2.3.6-1_all.deb
 1384fc3f137f49953b779ce860d4b9fe 52678 net optional rancid-cgi_2.3.6-1_all.deb
 e4491f57680dd0b50fa18df1f0ff8b31 275662 net optional rancid_2.3.6-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEAREDAAYFAk1uyc8ACgkQO7/Pd72LBQ0OIwCgnilo2qpCUBeoarBNSzTV/RHq
/+IAnRQS9rhyT+COLcopfxp6h/ookiKq
=5FPf
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to