Your message dated Sat, 20 Oct 2012 18:35:11 +0200
with message-id <[email protected]>
and subject line Re: Bug#691044: unblock: extplorer/2.1.0b6+dfsg.3-4
has caused the Debian Bug report #691044,
regarding unblock: extplorer/2.1.0b6+dfsg.3-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
691044: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691044
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package extplorer unblock extplorer/2.1.0b6+dfsg.3-4
The only change is adding the sticky bit to /var/lib/extplorer/ftp_tmp.
Debdiff attached.
Sorry for not uploading such trivial fix earlier.
Cheers,
Thomas
Note that I believe the FTP mode is anyway broken in Debian, so I don't
think any Debian setup is affected, but let's play it safe and have the
fix go to testing.
diff -Nru extplorer-2.1.0b6+dfsg.3/debian/changelog extplorer-2.1.0b6+dfsg.3/debian/changelog
--- extplorer-2.1.0b6+dfsg.3/debian/changelog 2012-06-24 09:41:06.000000000 +0000
+++ extplorer-2.1.0b6+dfsg.3/debian/changelog 2012-10-20 15:53:51.000000000 +0000
@@ -1,3 +1,9 @@
+extplorer (2.1.0b6+dfsg.3-4) unstable; urgency=low
+
+ * Sets the stick bit on /var/lib/extplorer/ftp_tmp (Closes: #683649).
+
+ -- Thomas Goirand <[email protected]> Sat, 20 Oct 2012 15:51:50 +0000
+
extplorer (2.1.0b6+dfsg.3-3) unstable; urgency=high
* Fixes an Cross Site Request forgery security problem if user is logged
diff -Nru extplorer-2.1.0b6+dfsg.3/debian/postinst extplorer-2.1.0b6+dfsg.3/debian/postinst
--- extplorer-2.1.0b6+dfsg.3/debian/postinst 2012-06-24 09:41:06.000000000 +0000
+++ extplorer-2.1.0b6+dfsg.3/debian/postinst 2012-10-20 15:53:51.000000000 +0000
@@ -3,7 +3,7 @@
set -e
mkdir -p /var/lib/extplorer/ftp_tmp
-chmod 777 /var/lib/extplorer/ftp_tmp
+chmod 1777 /var/lib/extplorer/ftp_tmp
touch /etc/extplorer/.htusers.php
chmod 664 /etc/extplorer/.htusers.php
--- End Message ---
--- Begin Message ---
On 2012-10-20 17:55, Thomas Goirand wrote:
> Package: release.debian.org
> Severity: normal
> User: [email protected]
> Usertags: unblock
>
> Please unblock package extplorer unblock extplorer/2.1.0b6+dfsg.3-4
> The only change is adding the sticky bit to /var/lib/extplorer/ftp_tmp.
> Debdiff attached.
>
> Sorry for not uploading such trivial fix earlier.
>
> Cheers,
>
> Thomas
>
> Note that I believe the FTP mode is anyway broken in Debian, so I don't
> think any Debian setup is affected, but let's play it safe and have the
> fix go to testing.
Unblocked, thanks.
~Niels
--- End Message ---
