Your message dated Sun, 05 Oct 2008 09:17:08 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#433996: fixed in sabre 0.2.4b-25
has caused the Debian Bug report #433996,
regarding unsecure usage of /tmp files
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
433996: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433996
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: xsabre
Version: 0.2.4b-23
Severity: important
When you run XRunSabre, it leaves /tmp/sabre.log .
This file has you as the owner and your default permissions.
Typically, no one else can remove or overwrite it.
The next person who runs XRunSabre then has trouble,
because the actual simulator will not start when that
file exists and is unwriteable. You can use the menus,
but when you start a mission, it terminates silently
without explanation.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.21-2-686 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages xsabre depends on:
ii dialog 1.1-20070604-1 Displays user-friendly dialog boxe
ii gnome-terminal [x-termi 2.18.1-1 The GNOME 2 terminal emulator appl
ii konsole [x-terminal-emu 4:3.5.7-1 X terminal emulator for KDE
ii libc6 2.6-2 GNU C Library: Shared libraries
ii libgcc1 1:4.2-20070712-1 GCC support library
ii libncurses5 5.6-3 Shared libraries for terminal hand
ii libsdl1.2debian 1.2.11-8 Simple DirectMedia Layer
ii libstdc++6 4.2-20070712-1 The GNU Standard C++ Library v3
ii libsvga1 1:1.4.3-24 console SVGA display libraries
ii sabre-common 0.2.4b-23 data for the SABRE fighter plane s
ii xfce4-terminal [x-termi 0.2.6-2 Xfce terminal emulator
ii xterm [x-terminal-emula 226-1 X terminal emulator
xsabre recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: sabre
Source-Version: 0.2.4b-25
We believe that the bug you reported is fixed in the latest version of
sabre, which is due to be installed in the Debian FTP archive:
sabre-common_0.2.4b-25_all.deb
to pool/main/s/sabre/sabre-common_0.2.4b-25_all.deb
sabre_0.2.4b-25.diff.gz
to pool/main/s/sabre/sabre_0.2.4b-25.diff.gz
sabre_0.2.4b-25.dsc
to pool/main/s/sabre/sabre_0.2.4b-25.dsc
xsabre_0.2.4b-25_amd64.deb
to pool/main/s/sabre/xsabre_0.2.4b-25_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Evgeni Golov <[EMAIL PROTECTED]> (supplier of updated sabre package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 05 Oct 2008 10:33:06 +0200
Source: sabre
Binary: sabre-common sabre xsabre
Architecture: source all amd64
Version: 0.2.4b-25
Distribution: unstable
Urgency: low
Maintainer: Debian Games Team <[EMAIL PROTECTED]>
Changed-By: Evgeni Golov <[EMAIL PROTECTED]>
Description:
sabre - fighter plane simulator for svgalib
sabre-common - data for the SABRE fighter plane simulator
xsabre - fighter plane simulator for X11
Closes: 433996 478984
Changes:
sabre (0.2.4b-25) unstable; urgency=low
.
[ Evgeni Golov ]
* debian/patches/030_launch_scripts.diff:
+ Update the patch and use mktemp for creating temporary files.
Closes: #433996.
Fixes: CVE-2008-4407 (insecure temp file).
* debian/sabre.postinst:
+ Fix the call to dpkg-statoverride in the postinst.
+ Call "set -e" first.
* debian/sabre.postem:
+ Call "set -e" first.
* debian/control:
+ Add myself to uploaders
.
[ Barry deFreese ]
* Add .desktop file. (Closes: #478984).
+ Call dh_desktop
Checksums-Sha1:
fa53ba97ac6da0e821ac311b3b96471bc9bd1614 1385 sabre_0.2.4b-25.dsc
757099c2630af00b0510bb61ca2bb563596d147e 121400 sabre_0.2.4b-25.diff.gz
aa8a7a0f72739eb55f7c7da435bf6bf13bc9a26d 1788238 sabre-common_0.2.4b-25_all.deb
7acc90b6a9a63792187aa6a7bf2bf21189393786 262506 xsabre_0.2.4b-25_amd64.deb
Checksums-Sha256:
f1f2db70814c82b7b7d776c0c0ea3422844b9b0f390d35b6b9f2231673c2dcf7 1385
sabre_0.2.4b-25.dsc
597633c966bb6ea9de410021348abfd668eaf8dcab104f5be820324a26127797 121400
sabre_0.2.4b-25.diff.gz
4888680ba06c5943e88d616f031ae65b14bb94ea79d1b70e730f99a4abfb8c9e 1788238
sabre-common_0.2.4b-25_all.deb
82a24973a6814a1a19c4019bcacf3caa4522737713e402166247984a08862c9d 262506
xsabre_0.2.4b-25_amd64.deb
Files:
55830a0d89977b9234f141c41a1b532b 1385 games optional sabre_0.2.4b-25.dsc
017951f163a6070e42e574925aea2079 121400 games optional sabre_0.2.4b-25.diff.gz
d15652c089cf5d8d8d46b5c5f05bfcd7 1788238 games optional
sabre-common_0.2.4b-25_all.deb
9b9206f76d16331b173971cc489df15c 262506 games optional
xsabre_0.2.4b-25_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjohVkACgkQ5Sc9mGvjxCPG4gCgxQDlQXoebIPPRG5gVX7R9CYF
aLQAnjuEQb99IdL0vP2wrAS/C4aL9sLh
=lhvN
-----END PGP SIGNATURE-----
--- End Message ---
