Your message dated Mon, 16 Jun 2014 09:36:52 +0000
with message-id <[email protected]>
and subject line Bug#751586: fixed in python-biopython 1.64+dfsg-2
has caused the Debian Bug report #751586,
regarding python-biopython: tests are run with HOME=/tmp
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
751586: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751586
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-biopython
Version: 1.64+dfsg-1
Tags: security

This package runs tests with HOME set to /tmp. But software that creates files in $HOME (including Biopython itself) expects that this directory is only writable by trusted users, whereas /tmp is world-writable.

A malicious local user could exploit this flaw to force test failures by creating the /tmp/.config file, preventing creation of $HOME/.config/biopython. It is likely that more sophisticated (and more harmful) attacks are also possible.

--
Jakub Wilk

--- End Message ---
--- Begin Message ---
Source: python-biopython
Source-Version: 1.64+dfsg-2

We believe that the bug you reported is fixed in the latest version of
python-biopython, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Tille <[email protected]> (supplier of updated python-biopython package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 14 Jun 2014 20:12:02 +0200
Source: python-biopython
Binary: python-biopython python3-biopython python-biopython-doc python-biopython-sql python3-biopython-sql
Architecture: source amd64 all
Version: 1.64+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team <[email protected]>
Changed-By: Andreas Tille <[email protected]>
Description:
 python-biopython - Python library for bioinformatics (implemented in Python 2)
 python-biopython-doc - Documentation for the Biopython library
 python-biopython-sql - Biopython support for the BioSQL database schema (Python 2)
 python3-biopython - Python library for bioinformatics (implemented in Python 3)
 python3-biopython-sql - Biopython support for the BioSQL database schema (Python 3)
Closes: 751586
Changes:
 python-biopython (1.64+dfsg-2) unstable; urgency=medium
 .
   * Use HOME in build_dir for testing (thanks to Jakub Wilk <[email protected]>
     for the patch)
     Closes: #751586

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

--- End Message ---
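
Added example, not part of the original messages and not the patch that was applied to the package (the patch itself is not shown here): one way to give a test run a private HOME inside the build directory, as the changelog entry describes, and to reject a HOME that other users can write to, as the report describes for /tmp. The function names and the "home" subdirectory are hypothetical, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: private per-build HOME for a test run.
# Assumptions: GNU stat; function names and directory layout are hypothetical.

# Succeeds only if DIR is a real directory (not a symlink), owned by the
# current user, and not writable by group or others.
home_is_private() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    mode=$(stat -c '%a' "$dir") || return 1
    owner=$(stat -c '%u' "$dir") || return 1
    [ "$owner" = "$(id -u)" ] || return 1
    # Octal mask 022 = group-write | other-write.
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# Create BUILD_DIR/home with mode 0700 and print its path.
# mkdir (without -p) fails if the name already exists, so an entry that
# somebody else created beforehand is refused rather than reused.
make_test_home() {
    build_dir=$1
    home=$build_dir/home
    (umask 077 && mkdir "$home") || return 1
    home_is_private "$home" || return 1
    printf '%s\n' "$home"
}

# Run a command with HOME pointing at the freshly created private directory.
run_with_test_home() {
    build_dir=$1
    shift
    test_home=$(make_test_home "$build_dir") || return 1
    env HOME="$test_home" "$@"
}
```

A test target would call it as run_with_test_home "$build_dir" followed by the test command, so files such as $HOME/.config/biopython end up under the build tree instead of a shared directory.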
