Your message dated Sat, 19 May 2012 15:34:08 +0000
with message-id <[email protected]>
and subject line Bug#639627: fixed in sympa 6.1.11~dfsg-1
has caused the Debian Bug report #639627,
regarding sympa: Wrong value for EXPLDIR in Constants.pm
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
639627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639627
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sympa
Severity: important
The sympa package in Debian uses the wrong value for EXPLDIR in Constants.pm;
per sympa documentation about virtual hosts, this directory must be the
list_data
subdirectory of the sympa data directory, see
http://www.sympa.org/manual/virtual-hosts
For the Debian configured package, this would mean
/var/lib/sympa/list_data
Instead, the Constants.pm file shipped with all versions of the sympa package I
could check
contains the line
use constant EXPLDIR => '/var/lib/sympa';
This is a significant deviation from the architecture of the file system used
in sympa upstream,
and has two major negative effects:
- it renders the official documentation useless: I spent several hours
tracking down this
issue, and I am sure any other user willing to exploit sympa's virtual hosts
facility
will have a similar headache;
- it has potential dangerous consequences: the /var/lib/sympa/list_data must
only contain
virtual host domains, and the sympa code iterates on the files therein;
/var/lib/sympa
contains a lot of other data unrelated to virtual hosts
I would suggest checking carefully where this erroneous configuration comes
from (looking
at the sources of the modified Debian sympa I could not find where list_data
disappears)
-- System Information:
Debian Release: 6.0.1
APT prefers testing
APT policy: (750, 'testing'), (700, 'stable'), (600, 'unstable'), (550,
'experimental'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.utf8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: sympa
Source-Version: 6.1.11~dfsg-1
We believe that the bug you reported is fixed in the latest version of
sympa, which is due to be installed in the Debian FTP archive:
sympa_6.1.11~dfsg-1.debian.tar.gz
to main/s/sympa/sympa_6.1.11~dfsg-1.debian.tar.gz
sympa_6.1.11~dfsg-1.dsc
to main/s/sympa/sympa_6.1.11~dfsg-1.dsc
sympa_6.1.11~dfsg-1_amd64.deb
to main/s/sympa/sympa_6.1.11~dfsg-1_amd64.deb
sympa_6.1.11~dfsg.orig.tar.gz
to main/s/sympa/sympa_6.1.11~dfsg.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Emmanuel Bouthenot <[email protected]> (supplier of updated sympa package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 10 Apr 2012 21:28:03 +0000
Source: sympa
Binary: sympa
Architecture: source amd64
Version: 6.1.11~dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Sympa team <[email protected]>
Changed-By: Emmanuel Bouthenot <[email protected]>
Description:
sympa - Modern mailing list manager
Closes: 415884 516164 516513 601662 638320 639627 639911 653265 655269 655967
660837 666920 668995
Changes:
sympa (6.1.11~dfsg-1) unstable; urgency=high
.
* New upstream release
- Fix security issue CVE-2012-2352 (set urgency accordingly)
- Fix a bug about VERP return path not correctly set (Closes: #653265)
- Fix '*insecure*' errors in webserver logs (Closes: #516164)
- Fix segfault of wwsympa while sending emails (Closes: #655269)
- Fix setuid attributes on cgi and cgi wrappers (Closes: #639911)
- Fix default EXPLDIR value (Closes: #639627)
- Refresh patches
* Fix location of X509-user-certs directory which contains user
certificates: It has to be in /var/lib/sympa/list_data/X509-user-certs
(Closes: #516513)
* Update Dutch debconf translations (Closes: #660837, Thanks to
Jeroen Schot)
* Add Italian debconf translations (Closes: #666920, Thanks to
Beatrice Torracca)
* Definitely fix the reset of permissions in /var/spool/sympa and
/var/lib/sympa. Thanks to Chris Reeves for the patch (Closes: #668995)
* Bump Standards-Version to 3.9.3
* Remove useless patch with hardcoded user/group 'sympa' (no more needed)
* Add a patch to fix typos and bad whatis entries in manpages
* Add a lintian override against 'possible-bashism-in-maintainer-script'
(false positive)
* Move ca-certificates from Recommends to Depends as lintian detects a
broken symlink (even if lintian is right it fails to detect that it is
by now a false positive hence an override has been added)
* Add a patch for sympa_wizard manpage rewording
* Add missing manpage for sympa_wizard (Closes: #415884)
* Add a patch to fix a warning in logs about 'Unknown parameter
ldap_force_canonical_email' (Closes: #638320)
* Do not handle /etc/sympa/data_structure.version as a conffile as it
breaks sympa internals upgrade (Closes: #655967)
* Add a patch to disable the email notification 'css updated' on each
upgrade (Closes: #601662)
Checksums-Sha1:
37ae7e0f6ea640f4b15a5ea92712a15bb9efa6fb 2542 sympa_6.1.11~dfsg-1.dsc
a7725139d382de7db90a1f40274c82d335952713 5428470 sympa_6.1.11~dfsg.orig.tar.gz
6e346391095e4aed973d5163ca1bb0ffe985ff42 117584
sympa_6.1.11~dfsg-1.debian.tar.gz
6706b35533496b4987d046e5a6cbd370a8d43c46 3141758 sympa_6.1.11~dfsg-1_amd64.deb
Checksums-Sha256:
f8bd9631b73685d14c6d8a651feadf3f26b2997f3d4ab1cb58a7caef38ed77c3 2542
sympa_6.1.11~dfsg-1.dsc
68d09f0532fabafec539733c898cd579eea81ac23f4a71914ba47e42595e4b63 5428470
sympa_6.1.11~dfsg.orig.tar.gz
308658e608a2a817e48e34420f03cfd2c58d4109e0bbcb03ff4c0e2dd0768192 117584
sympa_6.1.11~dfsg-1.debian.tar.gz
7714e191eb7d5e2efd78291443bbbb626d912032e7a5934615ff16d1a3eff677 3141758
sympa_6.1.11~dfsg-1_amd64.deb
Files:
f6e3860a879e87e92cf1efa6efe72c2b 2542 mail optional sympa_6.1.11~dfsg-1.dsc
1acddec6b91809ee03e11661a78c216c 5428470 mail optional
sympa_6.1.11~dfsg.orig.tar.gz
6b9b5522b25def4858fb54566c5b839b 117584 mail optional
sympa_6.1.11~dfsg-1.debian.tar.gz
2841f58fe9543e49adc6538211296b50 3141758 mail optional
sympa_6.1.11~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCgAGBQJPt7LvAAoJEEsHdyOSnULDZgoP/2ioHL6PaBm7TyJRsbWlstWw
M/L3hK+40T2G4p/y0PGpGzAfAwTWvSRhjwKj7y99uI1wzyp6YwmEVm2w0FK1N2NM
TlO4C/QFo4PmFSqtMa6+AatDv3NlRfX1AJwaN3pmWiJVVZTyZ6WfDAmcwngW5Gfr
fMHc0B2CoNa8eKECnisdoeLO5m+A5QSWH4FcsUKw2rvOZLTOr1I4BgQ+x/Apr8MZ
0K86m8+O+C8baYMLrWpF/qd5nc1oVj9PfiGXvp6/OiCTTCBmlBD/coKJOcPTVkti
sCbJD3SP4Ch5Yt1p/I1c8nimvsLT7EJGJeF/nPjdPIOuBiQXUgUBDTqI3IV+UGkg
ISlSogwjmk5GaMJ1STFVaXxx7h7drG3EaA4WJYgBJQdjGyAS7YA/gN0BMPI7m1hF
v9KNXEHoS43JmJmmFuZ6GmwBcBw0k/n7Gss5nvVvUoFMQZVmNmeNzeuvdG58k2un
Qs2YAUZp0bsW2aQp2pJq4FeNoMFKHqapuEfLc8OiXMO0vY4lS7mHkc7ZKXWYwKvT
jLgCurUXd9wOUgenARH+cUQ07tdIWcYohlK1AUyGsdH/FjaQ7wHhAU7hqdTR2K6T
eFXh7IqlKS4wcyD48pyARGfax0C68nJCFye397UeW5l8UEJAL5rCUaAVa75+5KlN
mTHyR/RrZpsocNAIZ0Gn
=1OcB
-----END PGP SIGNATURE-----
--- End Message ---
