Your message dated Wed, 11 Sep 2013 06:33:09 +0000
with message-id <[email protected]>
and subject line Bug#721744: fixed in lightdm 1.6.2-1
has caused the Debian Bug report #721744,
regarding Pollutes home with .Xauthority.* files (with bad permissions)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
721744: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721744
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: lightdm
Version: 1.6.0-3
Severity: important
I noticed this issue a couple of months ago.
lightdm likes to create (backup?) copies of .Xauthority files for some reason.
I never paid attention to the dynamics, but I have a dozen .Xauthority.* files
in my ~ which look like stale cookies and/or temporary files created by
mkstemp(2) or a similar function.
Moreover, all these files, *including* the current .Xauthority file are created
0644, which is a (grave) security issue by itself.
This effect also seems to be reported in ubuntu, with no action:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1175023
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (900, 'unstable'), (800, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.10-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages lightdm depends on:
ii adduser 3.113+nmu3
ii consolekit 0.4.5-3.1
ii dbus 1.6.12-1
ii debconf [debconf-2.0] 1.5.51
ii libc6 2.17-92+b1
ii libgcrypt11 1.5.3-2
ii libglib2.0-0 2.36.4-1
ii libpam0g 1.1.3-9
ii libxcb1 1.9.1-3
ii libxdmcp6 1:1.1.1-1
ii lightdm-gtk-greeter [lightdm-greeter] 1.6.0-1
Versions of packages lightdm recommends:
ii xserver-xorg 1:7.7+3
Versions of packages lightdm suggests:
pn accountsservice <none>
pn upower <none>
-- debconf information:
lightdm/daemon_name: /usr/sbin/lightdm
* shared/default-x-display-manager: lightdm
--- End Message ---
--- Begin Message ---
Source: lightdm
Source-Version: 1.6.2-1
We believe that the bug you reported is fixed in the latest version of
lightdm, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Yves-Alexis Perez <[email protected]> (supplier of updated lightdm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Sep 2013 07:41:13 +0200
Source: lightdm
Binary: lightdm lightdm-vala liblightdm-gobject-1-0 liblightdm-qt-2-0
liblightdm-gobject-dev liblightdm-qt-dev gir1.2-lightdm-1
Architecture: source amd64
Version: 1.6.2-1
Distribution: unstable
Urgency: low
Maintainer: Debian Xfce Maintainers <[email protected]>
Changed-By: Yves-Alexis Perez <[email protected]>
Description:
gir1.2-lightdm-1 - Typelib file for liblightdm-1
liblightdm-gobject-1-0 - simple display manager (gobject library)
liblightdm-gobject-dev - simple display manager (gobject development files)
liblightdm-qt-2-0 - simple display manager (Qt library)
liblightdm-qt-dev - simple display manager (Qt development files)
lightdm - simple display manager
lightdm-vala - simple display manager (Vala files)
Closes: 711378 721744
Changes:
lightdm (1.6.2-1) unstable; urgency=low
.
[ Yves-Alexis Perez ]
* debian/po:
- update pl.po, thanks Michał Kułach. closes: #711378
* New upstream release.
- fix wrong permissions on .Xauthority file and don't pollute homedir with
temporary files. closes: #721744
* debian/watch updated to track 1.6 branch.
* debian/control:
- update standards version to 3.9.4.
.
[ Evgeni Golov ]
* Correct Vcs-* URLs to point to anonscm.debian.org
Checksums-Sha1:
d113631e1037d3f628b9e492b0d35ea7f551739a 2322 lightdm_1.6.2-1.dsc
c8ac1da36311b8425d4ccf382e66603cf55b22c8 430528 lightdm_1.6.2.orig.tar.xz
9eb268d85dcf98aa49e5479c4ea9d018227fdea3 33844 lightdm_1.6.2-1.debian.tar.gz
9adc5a6d08951832bae0924bf222f80980b5b3cd 118734 lightdm_1.6.2-1_amd64.deb
1da9a18fd3b02443c3125bd03ed02924dd598b68 16462 lightdm-vala_1.6.2-1_amd64.deb
c5ec982d4311f9557994e939df1464b2d28a39c2 38604
liblightdm-gobject-1-0_1.6.2-1_amd64.deb
0e67ddbd4e3410bc887c6c00734c0fc834f2f813 38664
liblightdm-qt-2-0_1.6.2-1_amd64.deb
c45455c2232af8ee18ef4d4fb57e754c3600946d 58346
liblightdm-gobject-dev_1.6.2-1_amd64.deb
f0180aef0534019e95beca9cb112c87f902b78e2 39422
liblightdm-qt-dev_1.6.2-1_amd64.deb
12cd0ce241621dd88474791d8716ce0405fd483d 18366
gir1.2-lightdm-1_1.6.2-1_amd64.deb
Checksums-Sha256:
293540e2dcd29787d3065cb41e06e788ce700ba2cd351e310c63de6a67642364 2322
lightdm_1.6.2-1.dsc
b0de1dc81bb5ce81800feafb9fbc7806ef4dfc83733f0df058568e55b8a045f3 430528
lightdm_1.6.2.orig.tar.xz
c22868e0474641130ee538fa947e8bce987c0d7a730a7b0435e916e14bddc3ab 33844
lightdm_1.6.2-1.debian.tar.gz
4ccd31450e9f4fce4633cce68eed70de6b1e91a215195cad764d794bc2344c10 118734
lightdm_1.6.2-1_amd64.deb
2299eebc7bf666a2f55788aa4f45ebba67912233ce32a009609c72eefe17ec1f 16462
lightdm-vala_1.6.2-1_amd64.deb
b1042cbba2f51249427e2de4e4af8db273f0c1a02451fcf77f3c0f402977b1d3 38604
liblightdm-gobject-1-0_1.6.2-1_amd64.deb
0ff524c4d1ed2e4761f9c5652a1fe4f5ad82d4e1832741245417803eb3dacffb 38664
liblightdm-qt-2-0_1.6.2-1_amd64.deb
d39233a9bcbebdc46cb82a95a8f5fdc6ee49e9cc21b765011f6bc38f9f0c55b6 58346
liblightdm-gobject-dev_1.6.2-1_amd64.deb
4022201644b05932031a1369ef17d04a866b835fefbb9ab778da0a035da97a84 39422
liblightdm-qt-dev_1.6.2-1_amd64.deb
d3f6b99e19281b87b3cd460b3233b930a8e32f868270a5313249211c78b44460 18366
gir1.2-lightdm-1_1.6.2-1_amd64.deb
Files:
135bc2f1353798930b623305deaf8c9c 2322 x11 optional lightdm_1.6.2-1.dsc
5e7a5c10b58c61d2124c5e5d011ee8e0 430528 x11 optional lightdm_1.6.2.orig.tar.xz
97257c4fbdd4d9725919d48f26641209 33844 x11 optional
lightdm_1.6.2-1.debian.tar.gz
1ee2f8f3eb1f8432d90b3ef6e927c327 118734 x11 optional lightdm_1.6.2-1_amd64.deb
e63aabad5f5499548f8962bdd6ea88c1 16462 x11 optional
lightdm-vala_1.6.2-1_amd64.deb
981901dfdffd765aaebcbf082fe29a14 38604 libdevel optional
liblightdm-gobject-1-0_1.6.2-1_amd64.deb
f472f852d81a972240dde70dc1cf2f12 38664 libdevel optional
liblightdm-qt-2-0_1.6.2-1_amd64.deb
deb3334b25a9ea2b260ad34587f0dc76 58346 libdevel optional
liblightdm-gobject-dev_1.6.2-1_amd64.deb
17cfe825afc6ebf7075f71de51e0d72d 39422 libdevel optional
liblightdm-qt-dev_1.6.2-1_amd64.deb
12e4fd5335284dcb8c2125c4fc58cc8e 18366 libs optional
gir1.2-lightdm-1_1.6.2-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)
iQEcBAEBCgAGBQJSMAqqAAoJEG3bU/KmdcClKfMH+QHP8SFAEuoDwDzsoQHknU1h
2O7SR7D2NeTjGJBClw25LaIaIQZBZibWH6c4Rsfeb0/vjK4H+2Cef9Y6UfHAQNN+
Wx8g5lDc98gLM5dOdwDDvWtZ9Og4qU4fLPve3r0MrvPjCz2B7khezn0wkFHcUzBQ
uDQr1P8o7gbnT9F7qnkg0Qg99GN2WTWQRUCcNFwOTz8SBElxLAZC/H0UcHnIIMMa
LbUS0nXApBYMThLZDruo2g98ik/u8NzmBY2CaEPPUJKyskWTE6h7x40F01YL9vR/
0kBdQ9kQQFCIiBu4+spQJV21klhSLye9K1uDN6euAuwNsGD4BrS8ZJcCkmuC3x8=
=6Apn
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Pkg-xfce-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-xfce-devel
