Bug#703388: marked as done (davical: potential privacy issues as any user can list all other users/their details, etc.)

[Debian Bug Tracking System]

Your message dated Mon, 01 Mar 2021 13:48:32 +0000
with message-id <e1lgiuw-0009yk...@fasolo.debian.org>
and subject line Bug#703388: fixed in davical 1.1.10-1
has caused the Debian Bug report #703388,
regarding davical: potential privacy issues as any user can list all other 
users/their details, etc.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
703388: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703388
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: davical
Version: 1.1.1-1
Severity: normal
Tags: upstream


Hi.

This is something we should eventually think about:
Every normal user that can login to the admin interface
can also do all the "List Users", "List Resources", etc.
and also see the details of those, e.g the usernames, their
real names and email addresses.

Especially when one considers that Davical is wonderfully suited
to do vhosting (multiple domains, and therefore organisations, per DB)
this can be a privacy issue.


Cheers,
Chris.

--- End Message ---

--- Begin Message ---

Source: davical
Source-Version: 1.1.10-1
Done: Florian Schlichting <f...@debian.org>

We believe that the bug you reported is fixed in the latest version of
davical, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 703...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Florian Schlichting <f...@debian.org> (supplier of updated davical package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 01 Mar 2021 21:24:31 +0800
Source: davical
Architecture: source
Version: 1.1.10-1
Distribution: unstable
Urgency: medium
Maintainer: Davical Development Team <davical-de...@lists.sourceforge.net>
Changed-By: Florian Schlichting <f...@debian.org>
Closes: 703388
Changes:
 davical (1.1.10-1) unstable; urgency=medium
 .
   * New upstream release (closes: #703388)
   * Depend on AWL 0.62
   * Bump debhelper compat to level 13 (no changes necessary)
   * Bump d/watch to version 4 (no changes necessary)
   * Update copyright years
   * Add Rules-Requires-Root: no
   * Declare compliance with Debian Policy 4.5.1
Checksums-Sha1:
 bba0f347b273af7142721244537106f95d834ebf 2084 davical_1.1.10-1.dsc
 fb49eac7adede7eb7304d2080558ea0fdbc6eb05 1367356 davical_1.1.10.orig.tar.xz
 1953ecb85239a3f710fcbc27bcbe4a7e2b5fe296 12948 davical_1.1.10-1.debian.tar.xz
 84871a2718f9fcdbff7fdc0d91b2b05fed17dc4f 6849 davical_1.1.10-1_amd64.buildinfo
Checksums-Sha256:
 f5e956470f55aedd4df41296f9d6108c19933dad5d21d5edd37a2793761d97bc 2084 
davical_1.1.10-1.dsc
 0343b2b37d30a67e9573f67add842afb64454054a3a0dd96cfe2678c4ae11fb5 1367356 
davical_1.1.10.orig.tar.xz
 c891a26f14daaa7472431a281fea9b67f0d6dce3f6f34448e0c1602bb0c34a6a 12948 
davical_1.1.10-1.debian.tar.xz
 055eb63d1bcfda24ee50350baf7586f04fa260803370366c3b79dba105b79659 6849 
davical_1.1.10-1_amd64.buildinfo
Files:
 cbb5c3f403ebf63de8149b50bcb2e416 2084 web optional davical_1.1.10-1.dsc
 ce04d22d738539d64ab13de6d7e5bf9d 1367356 web optional 
davical_1.1.10.orig.tar.xz
 abf65ff4ccdf725b99f53610bde831cf 12948 web optional 
davical_1.1.10-1.debian.tar.xz
 f407271fd175ffb007e16e6d045401c5 6849 web optional 
davical_1.1.10-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEMLI8i05qOwnqprZSEpc7bnLcB7UFAmA87ekACgkQEpc7bnLc
B7XMLhAAh3raarpA075q5HiVnylSv3BKwvx+z9HGKnWqpuKWNlILG8tSikmx1TAb
Czmff9YCmL5KaTRewZJw/dLmd+dkooV3yuVcdyf2xd3tmFjplZ3gcR4JlQkC26UO
xVk2CW7CgqgJUXLQI63th25fjg2rAe+Q9YEM1nMXErjUACUrdGtBxeUtHKB2+QN0
BpYXhdbo0WNdTAOeoDrDA/JGC1tczeXOXn2JuPGhPARc28ktxNEZSMtU94twM6Ga
q8dP63dbyFd6ZkrTeNKjsUNFhNFaf7QSlP9IJvRQ/j+YRBvNOz9wtqU+C19TATKj
4t4piFwS8gFeVDiVI3usepgX8XWnpKMpQi1EoTfaJZoA01j9T2AqgCoMzTp98Xgt
TrkYkmVABKDUwyS3lDJRkYOCZjwGsl/3GNoNWY0qT4bo3iILEFUQ0dHugslBNWrT
eoDGyMhPxXQo2Urv0KwBDCAYYNNTb8duKGaEQzki8GTR+/5MAC0pAHRaTcuPDeEz
vfFgCLtresvNTCSjtmbYA/FYD4DrL++xd8vG+IIKTuDXlBh80BS4ay/mMlUrICsu
b+xpqpLtzetI0K0wKMhy10jxlZJGqLvQtd+4of2yw/a0afGsatO8i1L9AXnrdEJq
Mjhx4Vfw1TKIYefB5wrvOvv6lHRtfN2knF1Tptd9uqJLcjhsy0I=
=kL25
-----END PGP SIGNATURE-----

--- End Message ---