Your message dated Mon, 19 Dec 2005 10:47:08 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#344000: fixed in b2evolution 0.9.1b-4
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 19 Dec 2005 10:41:06 +0000
>From [EMAIL PROTECTED] Mon Dec 19 02:41:06 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ocean.aerine.net ([82.240.213.237])
by spohr.debian.org with esmtp (Exim 4.50)
id 1EoILp-000430-5R
for [EMAIL PROTECTED]; Mon, 19 Dec 2005 02:34:41 -0800
Received: from guiton by ocean.aerine.net with local (Exim 3.36 #1 (Debian))
id 1EoILH-0005yw-00; Mon, 19 Dec 2005 11:34:07 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Arnaud Guiton <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: b2evolution: Bad permissions on configuration files,
allowing regular users to see important data
Message-ID: <[EMAIL PROTECTED]>
X-Mailer: reportbug 3.18
Date: Mon, 19 Dec 2005 11:34:07 +0100
Sender: Arnaud Guiton <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: b2evolution
Severity: important
The files under /etc/b2evolution/ are currently readable by all users.
This is a major problem because they contain the MySQL password of the
b2evolution user.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12.1
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 344000-close) by bugs.debian.org; 19 Dec 2005 18:52:10 +0000
>From [EMAIL PROTECTED] Mon Dec 19 10:52:10 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EoQ2O-00069H-J2; Mon, 19 Dec 2005 10:47:08 -0800
From: Arnaud Guiton <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#344000: fixed in b2evolution 0.9.1b-4
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 19 Dec 2005 10:47:08 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: b2evolution
Source-Version: 0.9.1b-4
We believe that the bug you reported is fixed in the latest version of
b2evolution, which is due to be installed in the Debian FTP archive:
b2evolution_0.9.1b-4.diff.gz
to pool/main/b/b2evolution/b2evolution_0.9.1b-4.diff.gz
b2evolution_0.9.1b-4.dsc
to pool/main/b/b2evolution/b2evolution_0.9.1b-4.dsc
b2evolution_0.9.1b-4_all.deb
to pool/main/b/b2evolution/b2evolution_0.9.1b-4_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Arnaud Guiton <[EMAIL PROTECTED]> (supplier of updated b2evolution package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 19 Dec 2005 12:57:31 +0100
Source: b2evolution
Binary: b2evolution
Architecture: source all
Version: 0.9.1b-4
Distribution: unstable
Urgency: medium
Maintainer: Arnaud Guiton <[EMAIL PROTECTED]>
Changed-By: Arnaud Guiton <[EMAIL PROTECTED]>
Description:
b2evolution - a multilingual, multiuser, multi-blog engine
Closes: 344000
Changes:
b2evolution (0.9.1b-4) unstable; urgency=medium
.
* Fixes bad permissions on /etc/b2evolution/_config.php* : these files may
contain important data and should not be readable by regular users.
(Closes: #344000)
Files:
1571b672198ccec8c26bf7d6a2a8ccb0 585 web optional b2evolution_0.9.1b-4.dsc
1e4f86222a74a05ecc8eab363060c835 8765 web optional b2evolution_0.9.1b-4.diff.gz
680484a8afcc07cb0fc7ac3d5d4fc91c 2417772 web optional
b2evolution_0.9.1b-4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDpv9HyJBzD6P54w4RAj9sAJ9xd7Fnrqa5HU8k3ojgw1MMi3eoWACfWmcx
CeUt1F6ieHbTsBSB7mQv408=
=AlES
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
