Your message dated Thu, 02 Jun 2011 13:49:31 +0000
with message-id <[email protected]>
and subject line Bug#592972: fixed in xsane 0.998-2
has caused the Debian Bug report #592972,
regarding xsane overwrites user's umask
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
592972: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592972
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xsane
Version: 0.997-2
Severity: wishlist
Tags: patch
User: [email protected]
Usertags: origin-ubuntu maverick ubuntu-patch
xsane overwrites the user's umask to 0007, and creates ~/.sane and other files
with the according 770 permissions on directories and 660 on files containing
the printer description. This is dangerous in a multiuser environment.
This bug was originally reported on Launchpad:
https://bugs.launchpad.net/ubuntu/+source/xsane/+bug/611950
*** /tmp/tmpqQRphP
In Ubuntu, we've applied the attached patch to achieve the following:
[Adrien Thebo]
* Fix umask permitions (LP: #611950)
- debian/patches/fix_umask_permitions.patch
We thought you might be interested in doing the same.
-- System Information:
Debian Release: squeeze/sid
APT prefers lucid-updates
APT policy: (500, 'lucid-updates'), (500, 'lucid-security'), (500,
'lucid-proposed'), (500, 'lucid-backports'), (500, 'lucid')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-24-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
=== modified file 'debian/changelog'
=== added file 'debian/patches/fix_umaks_permitions.patch'
--- debian/patches/fix_umaks_permitions.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/fix_umaks_permitions.patch 2010-08-14 15:50:49 +0000
@@ -0,0 +1,13 @@
+Index: xsane/src/xsane.h
+===================================================================
+--- xsane.orig/src/xsane.h 2010-08-14 02:37:42.830513543 -0500
++++ xsane/src/xsane.h 2010-08-14 02:38:01.763579047 -0500
+@@ -104,7 +104,7 @@
+ #define XSANE_DEBUG_ENVIRONMENT "XSANE_DEBUG"
+
+ #define XSANE_PROGRESS_BAR_MIN_DELTA_PERCENT 0.025
+-#define XSANE_DEFAULT_UMASK 0007
++#define XSANE_DEFAULT_UMASK 0077
+ #define XSANE_HOLD_TIME 200
+ #define XSANE_CONTINUOUS_HOLD_TIME 10
+ #define XSANE_DEFAULT_DEVICE "SANE_DEFAULT_DEVICE"
=== modified file 'debian/patches/series'
--- debian/patches/series 2010-06-21 12:50:50 +0000
+++ debian/patches/series 2010-08-14 15:50:49 +0000
@@ -12,3 +12,4 @@
fix_preview_mouse_events.patch
fix_spin_button_pagesize.patch
pot_desktop_msgid.patch
+fix_umaks_permitions.patch
=== modified file 'src/xsane.h'
--- src/xsane.h 2010-06-21 12:50:50 +0000
+++ src/xsane.h 2010-08-14 15:50:49 +0000
@@ -104,7 +104,7 @@
#define XSANE_DEBUG_ENVIRONMENT "XSANE_DEBUG"
#define XSANE_PROGRESS_BAR_MIN_DELTA_PERCENT 0.025
-#define XSANE_DEFAULT_UMASK 0007
+#define XSANE_DEFAULT_UMASK 0077
#define XSANE_HOLD_TIME 200
#define XSANE_CONTINUOUS_HOLD_TIME 10
#define XSANE_DEFAULT_DEVICE "SANE_DEFAULT_DEVICE"
--- End Message ---
--- Begin Message ---
Source: xsane
Source-Version: 0.998-2
We believe that the bug you reported is fixed in the latest version of
xsane, which is due to be installed in the Debian FTP archive:
xsane-common_0.998-2_all.deb
to main/x/xsane/xsane-common_0.998-2_all.deb
xsane_0.998-2.debian.tar.gz
to main/x/xsane/xsane_0.998-2.debian.tar.gz
xsane_0.998-2.dsc
to main/x/xsane/xsane_0.998-2.dsc
xsane_0.998-2_amd64.deb
to main/x/xsane/xsane_0.998-2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Julien BLACHE <[email protected]> (supplier of updated xsane package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 02 Jun 2011 15:27:09 +0200
Source: xsane
Binary: xsane xsane-common
Architecture: source all amd64
Version: 0.998-2
Distribution: unstable
Urgency: low
Maintainer: Julien BLACHE <[email protected]>
Changed-By: Julien BLACHE <[email protected]>
Description:
xsane - featureful graphical frontend for SANE (Scanner Access Now Easy)
xsane-common - featureful graphical frontend for SANE (Scanner Access Now Easy)
Closes: 592972
Changes:
xsane (0.998-2) unstable; urgency=low
.
* debian/control:
+ Bump Standards-Version to 3.9.2 (no changes).
.
* debian/patches/fix_tighten_default_umask.patch:
+ Added; tighten default umask, going to 0077 from 0007 (closes: #592972).
Checksums-Sha1:
405f80692b6d2435c892e290f8af794216fa25c3 1127 xsane_0.998-2.dsc
0681e26601252760bcf6ed62e1e1a58a16aa0b70 92209 xsane_0.998-2.debian.tar.gz
e7594dcef9f86922307d69df600186b7c3260d47 1820078 xsane-common_0.998-2_all.deb
e8cb42eba5afc0f910b03ddea74db069081b2ece 333186 xsane_0.998-2_amd64.deb
Checksums-Sha256:
4c6fcb4649041395b343e7c4227b664669a6b00a144acc9075b64ffda04651d4 1127
xsane_0.998-2.dsc
bb1abebcf7910f846d1cce5ce7ac93d7199d9a4128990a77b95513127aee7768 92209
xsane_0.998-2.debian.tar.gz
f3ac658481cdb47fa0489836ae29cf31c3ca64c6cac210214f1ba6e189385423 1820078
xsane-common_0.998-2_all.deb
217f9d060026e4665cc32a337974f5273f0658180b37c6ea8e635f1d6b850dcb 333186
xsane_0.998-2_amd64.deb
Files:
c93964bc1b84089dcd4be9a1c04ca664 1127 graphics optional xsane_0.998-2.dsc
250b7d6981fcc871d30b8917fd910a77 92209 graphics optional
xsane_0.998-2.debian.tar.gz
11c4a004eb5278648c7709817217627a 1820078 graphics optional
xsane-common_0.998-2_all.deb
d8f0907819c09a7d55a897587e226530 333186 graphics optional
xsane_0.998-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFN55BuzWFP1/XWUWkRAk6gAJ4mdWCHcbkzlvCiIPfwuN57XbrEpQCgwMmK
ACYiLiVDmcUuaIz3okB2uRk=
=sS3P
-----END PGP SIGNATURE-----
--- End Message ---
