Your message dated Thu, 16 May 2013 13:33:13 +0000 with message-id <[email protected]> and subject line Bug#708419: fixed in openssh 1:6.2p2-1 has caused the Debian Bug report #708419, regarding openssh-client: ssh-copy-id can "rm -f *" if mktemp fails to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 708419: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708419 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: openssh-client Version: 1:6.2p1-1 Severity: serious Tags: upstream Justification: leads to data loss Hi, ssh-copy-id uses "local" while pretending to be POSIX compliant (/bin/sh as a shebang). Unfortunately, lack of error handling meands that this isn't caught: local L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX) trap "rm -f $L_TMP_ID_FILE*" EXIT TERM INT QUIT mktemp succeeds but dash doesn't like local: | $ dash | $ local foo=bar | dash: 1: local: not in a function | $ echo $foo | | $ Which leads to: rm -f * => Nasty! Traced back to 1:6.2p1-1 due to: - Update ssh-copy-id to Phil Hands' greatly revised version (closes: #99785, #322228, #620428; LP: #518883, #835901, #1074798). (Tagging "upstream" as it's also mention in upstream's ChangeLog.) debdiffing both 6.1p1-4 and 1:6.2p1-1 confirms that the regression was introduced in the latter (there was no "local" before). Mraw, KiBi.
--- End Message ---
--- Begin Message ---Source: openssh Source-Version: 1:6.2p2-1 We believe that the bug you reported is fixed in the latest version of openssh, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson <[email protected]> (supplier of updated openssh package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 16 May 2013 14:05:06 +0100 Source: openssh Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source i386 all Version: 1:6.2p2-1 Distribution: unstable Urgency: low Maintainer: Debian OpenSSH Maintainers <[email protected]> Changed-By: Colin Watson <[email protected]> Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 708275 708419 Changes: openssh (1:6.2p2-1) unstable; urgency=low . * New upstream release (http://www.openssh.com/txt/release-6.2p2): - Only warn for missing identity files that were explicitly specified (closes: #708275). - Fix bug in contributed contrib/ssh-copy-id script that could result in "rm *" being called on mktemp failure (closes: #708419). Checksums-Sha1: 794ba4b5229d1626af4a873b421d4961590d6032 2571 openssh_6.2p2-1.dsc c2b4909eba6f5ec6f9f75866c202db47f3b501ba 1182922 openssh_6.2p2.orig.tar.gz e825ac0931eaa0c67152aa8a2d9e841d0fae64eb 253166 openssh_6.2p2-1.debian.tar.gz 928afd6d5b43dc0530dc3da62850ae9c7fccd5ce 1082484 openssh-client_6.2p2-1_i386.deb b693680a48fc250b7ed23da97a5cc210ecb9f7d9 361336 openssh-server_6.2p2-1_i386.deb 2ca3eefd60ae6f01b50b863e8918e417ce7bcd50 1252 ssh_6.2p2-1_all.deb c05b684d261c13cf7bca276a5d18d7de25b7268d 102644 ssh-krb5_6.2p2-1_all.deb 593d9140c35ffa813ac85e4d69d7bb3f4efdc6b7 110516 ssh-askpass-gnome_6.2p2-1_i386.deb e062b973b9767944013f50c818da6e7aca37adc9 183002 openssh-client-udeb_6.2p2-1_i386.udeb 0f4dc77f03cded3f0270de8f5124d1ff6a50f01b 208336 openssh-server-udeb_6.2p2-1_i386.udeb Checksums-Sha256: 5b81f3e5e61521139771a484fecf815f4dee400e6342abf2584749aa9717c34f 2571 openssh_6.2p2-1.dsc 7f29b9d2ad672ae0f9e1dcbff871fc5c2e60a194e90c766432e32161b842313b 1182922 openssh_6.2p2.orig.tar.gz 10215caabdb6284c3ea1794aca87db347e05398622a7ba7114dca45b2d515a50 253166 openssh_6.2p2-1.debian.tar.gz 1a6d531323e83e82abb317ddb3465e4fda48919f55c48f591a44714d6366e8ea 1082484 openssh-client_6.2p2-1_i386.deb 322b96c9d92b0863576ba9fc37ee67e2441d8d856a12e9288fe0c12c607fc3ef 361336 openssh-server_6.2p2-1_i386.deb ecf99d042011217d1372298340661804d2c60e1612b407609894b91746afc052 1252 ssh_6.2p2-1_all.deb e23d9c2f96bb09aa040a58ab601714f33a033e7eeae08cdeb177713e1926645d 102644 ssh-krb5_6.2p2-1_all.deb 6e5d6c9840d92e08ddc4a858287535566131165224cefa0e987bf932ffb12655 110516 ssh-askpass-gnome_6.2p2-1_i386.deb fcaf21732a10d32b2a5a2cf811711c6aec35ea069eb03fa37712d38c279c0bc7 183002 openssh-client-udeb_6.2p2-1_i386.udeb 80002bb0a6869d795ad51d7ff51fb60bec6bc1daa35214daeaf595d227caa02f 208336 openssh-server-udeb_6.2p2-1_i386.udeb Files: 069902610d4f64b5963ec87a5b0ede77 2571 net standard openssh_6.2p2-1.dsc be46174dcbb77ebb4ea88ef140685de1 1182922 net standard openssh_6.2p2.orig.tar.gz 56584350fd63c3df0a55f1567de2b729 253166 net standard openssh_6.2p2-1.debian.tar.gz 9ab22767ac85a970c5cb1922e23d1a44 1082484 net standard openssh-client_6.2p2-1_i386.deb d8e21f5f42e149d6679af2a32adc6f10 361336 net optional openssh-server_6.2p2-1_i386.deb 7758d29ffb134597c6e243c0414a780d 1252 net extra ssh_6.2p2-1_all.deb 6865e1cef4bcbb9534e451d019a15519 102644 oldlibs extra ssh-krb5_6.2p2-1_all.deb fe0c55e90825a3a9e8f14c4a7a33df5c 110516 gnome optional ssh-askpass-gnome_6.2p2-1_i386.deb f559ed171df45818b0ead0a368291075 183002 debian-installer optional openssh-client-udeb_6.2p2-1_i386.udeb fdca32b4c5ca02815b0ff4da21dceddf 208336 debian-installer optional openssh-server-udeb_6.2p2-1_i386.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Colin Watson <[email protected]> -- Debian developer iQIVAwUBUZTbHzk1h9l9hlALAQgAfRAAnO75/ReBARQMFOjSRYZXMIfUXXhUzQmj YlWeoy7HhLmlZdJOJSOHenAEGYzeW3w4CnRyseUQFhLXnfsIkNPVVORTlErNuPAa 9veI7u6hG3XOSvkmEl6gLCA0Rjir4IhGBaw9Q8TRfqmys8PW1U6xtiSc34MZXaXJ SXeFZon2/PqkJ59/FHGtNKfCzlELnHQV2tgnuadvc1TGGgziBtHM4KJRO623EXIs brGPbP8loIXac7s2tx2eJLwIzXQxbNDWrVW9l2gum/D56b3mPLdezwKndH+7eMOG LrLVNcTrjfIyZuvX2FpMOEmxmsalyf0iOU77dOFqufAJVTiyMaE0Y535alPu/V9J OXlXJ7c0n2gDlA/bHTlfwoYSlj1xog9dRiMma6Tw3REU1BztM5SK9po1mw0XpnEr Hu7XtrtvE5m/ai/fjvPekULJC/XD/OIhKwGl6qWWbEHE0Yr/8L3NN/zwIheDHxmj nggAtZw7M2VmFo5wq+3FYVt5zHM3GP9fnuDLFTzPEr7EGDZMpgAyjiQi09LfG/Zb EcUQn1ELJysDGwa0XK6zrYJXqaFxZHuMlW/IZ61aydbnrErWTQxGnVsFvCutPUrt XT2n3sTqH9DB9zG4wFNvXCPEKvLPhJ8Emr34YRFuxjjYi9ro4QEtWr/ZHc+Pfm3O a9nVnjihHGw= =HFV1 -----END PGP SIGNATURE-----
--- End Message ---
