Your message dated Mon, 01 Dec 2014 17:34:27 +0000
with message-id <[email protected]>
and subject line Bug#752092: fixed in softhsm 1.3.7-2
has caused the Debian Bug report #752092,
regarding softhsm-keyconv creates security-sensibe file world-readable
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
752092: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752092
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: softhsm
Version: 1.3.3-2
Severity: important
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The softhsm-keyconv tool creates its output files with default access
rights, i.e. group and world readable on a default Debian setup.

I believe the correct thing would be to instead create files readable
only by the user invoking the tool, or inherit access rights from the
input file of the conversion process.

 - Jonas

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

--- End Message ---
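
The two options proposed in the report above (owner-only output, or access rights taken from the input file), next to the default behaviour it describes, as an added example in C. This is not SoftHSM's code and not the Debian patch, which this page does not show; the function names and the `demo-key.pem` file name are hypothetical.

```c
/* Added example, not SoftHSM or Debian code: creating a private-key output file. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of `path`, or -1 if it cannot be stat'ed. */
int mode_of(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

/* Stand-in for the reported behaviour: mode 0666 filtered by the umask,
 * which is what fopen(path, "w") requests. With umask 022 this gives 0644. */
int create_default_output(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
}

/* Owner-only output. The mode is applied by open() at creation, so the file
 * is never briefly world-readable; O_EXCL refuses to reuse an existing file
 * that may already have looser permissions. */
int create_private_output(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
    if (fd < 0) return -1;
    /* The umask can only clear bits; fchmod makes the result exactly 0600. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) { close(fd); unlink(path); return -1; }
    return fd;
}

/* The report's alternative: take the access rights of the input file.
 * The file starts at 0600 and is only widened once it exists. */
int create_output_like(const char *in_path, const char *out_path) {
    struct stat st;
    if (stat(in_path, &st) != 0) return -1;
    int fd = create_private_output(out_path);
    if (fd < 0) return -1;
    if (fchmod(fd, st.st_mode & 0777) != 0) { close(fd); unlink(out_path); return -1; }
    return fd;
}

int main(void) {
    const char *out = "demo-key.pem";   /* hypothetical output name */
    int fd = create_private_output(out);
    if (fd < 0) { perror(out); return 1; }
    close(fd);
    printf("%s created with mode %04o\n", out, (unsigned)mode_of(out));
    unlink(out);
    return 0;
}
```

Creating the file with a permissive mode and calling `chmod` afterwards would leave a window in which another local user can open it, which is why the restrictive mode is passed to `open()` itself.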
--- Begin Message ---
Source: softhsm
Source-Version: 1.3.7-2

We believe that the bug you reported is fixed in the latest version of
softhsm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <[email protected]> (supplier of updated softhsm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 01 Dec 2014 17:52:05 +0100
Source: softhsm
Binary: softhsm-common softhsm libsofthsm-dev libsofthsm softhsm-dbg
Architecture: source amd64
Version: 1.3.7-2
Distribution: unstable
Urgency: medium
Maintainer: Ondřej Surý <[email protected]>
Changed-By: Ondřej Surý <[email protected]>
Description:
 libsofthsm - a cryptographic store accessible through a PKCS #11
 libsofthsm-dev - a cryptographic store accessible through a PKCS #11
 softhsm    - a cryptographic store accessible through a PKCS #11
 softhsm-common - a cryptographic store accessible through a PKCS #11
 softhsm-dbg - Debug symbols for SoftHSM
Closes: 752092
Changes:
 softhsm (1.3.7-2) unstable; urgency=medium
 .
   * Fix softhsm-keyconv creating security-sensibe file world-readable
     (Closes: #752092)
   * Update Vcs-Urls to point to anonscm.debian.org
   * Standardize gbp repository layout

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----

--- End Message ---
