Your message dated Sat, 12 Sep 2015 21:19:44 +0000 with message-id <[email protected]> and subject line Bug#741421: fixed in coquelicot 0.9.4-1 has caused the Debian Bug report #741421, regarding coquelicot: Debug-style Net::IMAP::NoResponseError output in browser on bad user to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 741421: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741421 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: coquelicot Version: 0.9.2-2 Severity: minor Tags: upstream Dear Maintainer, This seems to be an upstream bug too. * What led up to the situation? Configured coquelicot to use the supplied IMAP authentication module, then while testing for use of IMAPS (not plaintext authentication) I tried a login with fictional user details. * What exactly did you do (or not do) that was effective (or ineffective)? Our mail server was configured to not reply for bad login attempt, so after a timeout coquelicot borked. * What was the outcome of this action? It spilled a very large amount of debug text (including entered username, etc) to the browser. * What outcome did you expect instead? The standard minimal "can not authenticate" text. => I hand-edited the system info below because I encountered the bug on a server I remotely administrate, but for security reasons I am not able to report it from within the server. -- System Information: Debian Release: wheezy (with "apt-get -t jessie install coquelicot" only) Architecture: amd64 (x86_64) -- Rowan Thorpe mailto:[email protected]
--- End Message ---
--- Begin Message ---Source: coquelicot Source-Version: 0.9.4-1 We believe that the bug you reported is fixed in the latest version of coquelicot, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jérémy Bobbio <[email protected]> (supplier of updated coquelicot package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 12 Sep 2015 22:07:26 +0200 Source: coquelicot Binary: coquelicot Architecture: source all Version: 0.9.4-1 Distribution: unstable Urgency: medium Maintainer: Jérémy Bobbio <[email protected]> Changed-By: Jérémy Bobbio <[email protected]> Description: coquelicot - "one-click" file sharing web application with a focus on users' p Closes: 722528 741421 773820 774859 774944 776312 778754 779828 782634 785396 796416 796503 Changes: coquelicot (0.9.4-1) unstable; urgency=medium . [ Jérémy Bobbio ] * New upstream release: - Keep errors from the authentication methods in the logs. (Closes: #741421) - Ensure compatibility with RSpec 3. (Closes: #796416) * Update debian/README.source * Update git-buildpackage configuration. * Update Depends and Build-Depends to match new upstream requierements. ruby-hpricot is no longer required. (Closes: #796503) * Update debian/copyright. * Document and ship settings for the LDAP authentication method. Original patch by Rowan Thorpe. (Closes: #774944) * Merge new upstream settings to the Debian configuration. We now create /var/cache/coquelicot for cache files. Original patch by Rowan Thorpe. (Closes: #785396) * Refresh patches and drop obsolete ones. * Update static gemspec. * Don't use bundler at all to run the test suite. * Add a patch to support the version of tilt currently in Debian. * Run integration tests when building the package. * Add a patch from upstream to fix a missing requires in integration tests. * Rewrite initscript using init-d-script(5). Thanks Rowan Thorpe for the suggestion. (Closes: #778754) * Stop running coquelicot as root. Big up to Rowan Thorpe for noticing the problem and offering an initial patch. (Closes: #779828, #782634) * Use debian/changelog date as gem build time. (Closes: #776312) * Add autopkgtests: on top of using gem2deb-test-runner to run unit tests and integration tests on the installed package, we also do black box testing for basic upload/download and garbage collection. * Add a patch from upstream to be compatible with jQuery 1.9+. * Switch to debhelper compat level 9. * Mention in debian/README.Debian that sub-directories are supported. (Closes: #722528) . [ Rowan Thorpe ] * Verify upstream OpenPGP signature. * Document that quilt patches must be applied when creating static gemspec. * Add ignores and clean rules for package rebuilding. (Closes: #774859) * Fix URL of the Git repository. (Closes: #773820) * Bump Standards-Version and use canonical URLs in Vcs-*. Checksums-Sha1: da0fc385a26bc1500957e5d8d4e732e0c2c1b41b 2299 coquelicot_0.9.4-1.dsc 0fd7feb0e556b2d588f66acf9013c3411412b5d5 187287 coquelicot_0.9.4.orig.tar.gz 8eefaaf2e35a7102085c9a32086e5469d1fbc445 38873 coquelicot_0.9.4-1.debian.tar.gz fe6c80bad43f45d8220b17216bb624134c8b386f 290802 coquelicot_0.9.4-1_all.deb Checksums-Sha256: 2ed3a9dded53ee00bbcb4e5b499b6fa8ed735e8f886e8726e78ef79122016dfe 2299 coquelicot_0.9.4-1.dsc 91b69bdaec8f835859f2ab73b5c28e3092f250a18a158da8ea2fb5db6b694f5c 187287 coquelicot_0.9.4.orig.tar.gz 19bd9cfcfc9ddf7b8edce673c186cf7a0e0205daada38580f34342aecbf54474 38873 coquelicot_0.9.4-1.debian.tar.gz 16f0e59727bae4073097dadeccef5b30e6b8c930dbbe828bd84680beb669f714 290802 coquelicot_0.9.4-1_all.deb Files: 2dca539742b1f29ebb87b60b4ea0c240 2299 web optional coquelicot_0.9.4-1.dsc 9599e4e1d552fdd3a7ec551faed7e47d 187287 web optional coquelicot_0.9.4.orig.tar.gz 1df8b7ee3bbb90ebb51ae10dbc689928 38873 web optional coquelicot_0.9.4-1.debian.tar.gz 916c1af5e1be72888114c7ccdc5399dd 290802 web optional coquelicot_0.9.4-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJV9Il+AAoJEEAsIlA9Nuk227IP/jz756Zpw2gGPp9/dp0al/El j6HPkxiCoQBOEDs9vM9Q/VMf8vobg+tgY0Rts0/63rwmwbEGWMc7Nk/p7npSiPdH Jz+JGfdmzd+HIs/kQcdJNEsxlGwIylbeOqF6fzo3P2qyFV+auJLDKrLR/EU4V6XG sNytMNWKxRaXOQu4wFLHsZB7FL1TqAPQlqk4/IMBzmkR8o4acKHg04PyV3zT2Ypa eYLkJ3PmMymQz6UwdJhTxKBXizeQEbDz716mderdAsxyp3ukEm5RS75H0+5Mgdlu UQf1HW7LdVVIXdZNQ6kz49+XqSRZkeWm7Nj3gKIFHefYz0enxqZdix7PBh9vIity ckbHac6CEMQ00chpg790uIaxzZmpAymxvilGBrffGk6h9OXLG/tFZ9mqHjcpbepD FeSXNBRzDk6ljPdKs9/TCl7K8v7yNnQkYuHTKRawZ3eeupl9P0iIazj7og7TdRDI HDoVJwJvrY1j/sOQ7EzGWo0DHnzbbfg5sc4YIJWi95ZmKz5Y1YNvjOiGS8BUaBiU G8iq9zhymPg9mNXFhoo1M8BGx/APVJgeiOADIuHQsYIp6M5pnkNB0UUNxYsXXtUU oAxD5ymSc8xelGj/a3M0hl3qSLxnGd/ioStlTGebZuWm26dzZYfqBHCNKvewMRWX EaPwnqvhQLbIHuRqyioB =4Nu0 -----END PGP SIGNATURE-----
--- End Message ---
