Your message dated Wed, 03 Sep 2003 16:26:06 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#197576: fixed in openssh 1:3.6.1p2-6
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Jun 2003 04:08:24 +0000
>From [EMAIL PROTECTED] Sun Jun 15 23:08:14 2003
Return-path: <[EMAIL PROTECTED]>
Received: from (sat.sws.net.au) [202.5.161.49]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 19RlHu-0001b6-00; Sun, 15 Jun 2003 23:08:11 -0500
Received: from localhost (localhost [127.0.0.1])
by sat.sws.net.au (Postfix) with ESMTP
id DDB74BF2C; Mon, 16 Jun 2003 14:08:07 +1000 (EST)
Received: from sat.sws.net.au ([127.0.0.1])
by localhost (sat [127.0.0.1:10024]) (amavisd-new) with ESMTP id 21865-02;
Mon, 16 Jun 2003 14:08:06 +1000 (EST)
Received: from tsv.sws.net.au (tsv.sws.net.au [61.95.69.2])
by sat.sws.net.au (Postfix) with ESMTP
id 8EE65BF25; Mon, 16 Jun 2003 14:08:06 +1000 (EST)
Received: from lyta.coker.com.au (localhost [127.0.0.1])
by tsv.sws.net.au (Postfix) with ESMTP
id 1C04992740; Mon, 16 Jun 2003 14:08:06 +1000 (EST)
Received: by lyta.coker.com.au (Postfix, from userid 1001)
id 2195D888B; Mon, 16 Jun 2003 14:08:02 +1000 (EST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Russell Coker <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: ssh: Should not run "sshd -t" if sshd_not_to_be_run exists.
X-Mailer: reportbug 2.10.1
Date: Mon, 16 Jun 2003 14:08:02 +1000
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new-20021227-p2 (Debian)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Status: No, hits=-6.0 required=4.0
tests=BAYES_01,HAS_PACKAGE
version=2.53-bugs.debian.org_2003_06_10
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_06_10
(1.174.2.15-2003-03-30-exp)
Package: ssh
Version: 1:3.6.1p2-3
Severity: normal
If the file /etc/ssh/sshd_not_to_be_run exists then sshd should not be run for
any reason. Running "sshd -t" may fail and may abort the upgrade of the
package.
If someone wants no ssh server then there is no reason to compel them to have
a valid configuration.
Also SE Linux users who have configured their machine for sshd to be run from
inetd will not grant the sshd access to the config files if run from an init
script. I don't expect you to make a change solely for SE Linux users, but I
think that the general objection that people who don't use sshd should not
require a valid configuration is a good enough justification for the change.
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux lyta 2.4.21-rc8-se #1 Thu Jun 12 19:52:38 EST 2003 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages ssh depends on:
ii adduser 3.50 Add and remove users and groups
ii debconf 1.2.41 Debian configuration management sy
ii libc6 2.3.1-17 GNU C Library: Shared libraries an
ii libpam-modules 0.76-11 Pluggable Authentication Modules f
ii libpam0g 0.76-11 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7b-2 SSL shared libraries
ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.1.4-12 compression library - runtime
-- debconf information excluded
---------------------------------------
Received: (at 197576-close) by bugs.debian.org; 3 Sep 2003 20:40:48 +0000
>From [EMAIL PROTECTED] Wed Sep 03 15:40:47 2003
Return-path: <[EMAIL PROTECTED]>
Received: from auric.debian.org [206.246.226.45]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 19ueQp-0005wi-00; Wed, 03 Sep 2003 15:40:47 -0500
Received: from katie by auric.debian.org with local (Exim 3.35 1 (Debian))
id 19ueCc-0005eD-00; Wed, 03 Sep 2003 16:26:06 -0400
From: Colin Watson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.35 $
Subject: Bug#197576: fixed in openssh 1:3.6.1p2-6
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Wed, 03 Sep 2003 16:26:06 -0400
Delivered-To: [EMAIL PROTECTED]
Source: openssh
Source-Version: 1:3.6.1p2-6
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:
openssh_3.6.1p2-6.diff.gz
to pool/main/o/openssh/openssh_3.6.1p2-6.diff.gz
openssh_3.6.1p2-6.dsc
to pool/main/o/openssh/openssh_3.6.1p2-6.dsc
ssh-askpass-gnome_3.6.1p2-6_i386.deb
to pool/main/o/openssh/ssh-askpass-gnome_3.6.1p2-6_i386.deb
ssh_3.6.1p2-6_i386.deb
to pool/main/o/openssh/ssh_3.6.1p2-6_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <[EMAIL PROTECTED]> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 3 Sep 2003 19:14:02 +0100
Source: openssh
Binary: ssh-askpass-gnome ssh
Architecture: source i386
Version: 1:3.6.1p2-6
Distribution: unstable
Urgency: medium
Maintainer: Matthew Vernon <[EMAIL PROTECTED]>
Changed-By: Colin Watson <[EMAIL PROTECTED]>
Description:
ssh - Secure rlogin/rsh/rcp replacement (OpenSSH)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 99168 192207 193546 197576 208036
Changes:
openssh (1:3.6.1p2-6) unstable; urgency=medium
.
* Use a more CVS-friendly means of setting SSH_VERSION.
* Update Brazilian Portuguese debconf template translation (thanks, Andre
Luis Lopes; closes: #208036).
* Don't run 'sshd -t' in init script if the server isn't to be run
(closes: #197576).
* Fix login delay, spurious auth.log entry, and PermitRootLogin
information leakage due to PAM issues with upstream's recent security
update (thanks, Darren Tucker; closes: #99168, #192207, #193546).
* Policy version 3.6.1: recode this changelog to UTF-8.
Files:
79a152667d63253e2086fa31f78425f1 847 net standard openssh_3.6.1p2-6.dsc
0ed10571bcc3518bd5c10fd8f6418438 80668 net standard openssh_3.6.1p2-6.diff.gz
5ae4629042fc19ef0f5b422ddc5bd6e2 645280 net standard ssh_3.6.1p2-6_i386.deb
9a738e3aa3c8bd9512e5166772b4b65e 42648 gnome optional
ssh-askpass-gnome_3.6.1p2-6_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Colin Watson <[EMAIL PROTECTED]> -- Debian developer
iD8DBQE/VjhV9t0zAhD6TNERAnPdAJwJY8w0hKP7YjqCIXX88LtblA9sggCeMSar
uMuo5E2Omu+KC+f0zFA50xc=
=Lwmi
-----END PGP SIGNATURE-----
