Bug#421503: telnetd-ssl resets ssl settings on upgrade
* Ian Beckwith [Fri, 10 Aug 2007 22:46:43 +0100]: On Wed, Aug 08, 2007 at 08:59:50PM +0200, Adeodato Simó wrote: I've reviewd the package. Everything looks fine, but there's one thing I don't understand (but I'm not very well versed on update-inetd, so that's the likely cause): why you only keep the arguments if the telnet inetd.conf line was *disabled*?: args=`grep '^#off#.*/usr/sbin/in.telnetd' etc. ^^^ Because at that point the prerm has already run and disabled the inetd entry. Oh, right, thanks for the clarification. I've uploaded the package. Cheers, -- Adeodato Simó dato at net.com.org.es Debian Developer adeodato at debian.org Listening to: Eric Clapton - Sick and tired
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Sat, Aug 11, 2007 at 10:22:50AM +0200, Adeodato Simó wrote: Oh, right, thanks for the clarification. I've uploaded the package. Thanks! Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: A Silver Mt. Zion - Could've Moved Mountains... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Wed, Aug 08, 2007 at 08:59:50PM +0200, Adeodato Simó wrote: * Ian Beckwith [Mon, 06 Aug 2007 19:22:07 +0100]: dget http://nessie.mcc.ac.uk/~ianb/debian/netkit-telnet-ssl_0.17.24+0.1-18.dsc Hello Ian, I've reviewd the package. Everything looks fine, but there's one thing I don't understand (but I'm not very well versed on update-inetd, so that's the likely cause): why you only keep the arguments if the telnet inetd.conf line was *disabled*?: args=`grep '^#off#.*/usr/sbin/in.telnetd' etc. ^^^ Because at that point the prerm has already run and disabled the inetd entry. Btw, instead of sed 's/.*\/usr\/sbin\/in.telnetd\(.*\)/\1/'`, you can do sed 's#.*/usr/sbin/in.telnetd...#\1#', or eny other character instead of #, like , or |. Thanks, I knew you could do that in perl, but I didn't realise sed supported it too. Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Tom Waits - Orphans (Disc 1-Brawlers) - Sea of Love -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
* Ian Beckwith [Mon, 06 Aug 2007 19:22:07 +0100]: dget http://nessie.mcc.ac.uk/~ianb/debian/netkit-telnet-ssl_0.17.24+0.1-18.dsc Hello Ian, I've reviewd the package. Everything looks fine, but there's one thing I don't understand (but I'm not very well versed on update-inetd, so that's the likely cause): why you only keep the arguments if the telnet inetd.conf line was *disabled*?: args=`grep '^#off#.*/usr/sbin/in.telnetd' etc. ^^^ Btw, instead of sed 's/.*\/usr\/sbin\/in.telnetd\(.*\)/\1/'`, you can do sed 's#.*/usr/sbin/in.telnetd...#\1#', or eny other character instead of #, like , or |. Cheers, -- Adeodato Simó dato at net.com.org.es Debian Developer adeodato at debian.org A black cat crossing your path signifies that the animal is going somewhere. -- Groucho Marx
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Thu, Aug 02, 2007 at 10:13:19PM +0200, Adeodato Sim?? wrote: How's this upload going? If you're sponsor is busy or not available, I could review and upload if everything is fine. Hi. I've prepared that upload I mentioned, with the fixes suggested by my AM, plus some things lintian picked up. Files are at: dget http://nessie.mcc.ac.uk/~ianb/debian/netkit-telnet-ssl_0.17.24+0.1-18.dsc Changelog: netkit-telnet-ssl (0.17.24+0.1-18) unstable; urgency=low * debian/control: + Added ${misc:Depends} to Depends. + Updated long description. * debian/rules: + Use $(CURDIR) instead of `pwd`. + Only run make distclean if MCONFIG exists, instead of ignoring return code. * Change telnet-ssl menu section to match new menu policy. * Bump debhelper compat level to 5. -- Ian Beckwith [EMAIL PROTECTED] Mon, 06 Aug 2007 17:19:38 +0100 When you rebuild, please use -v0.17.24+0.1-16 to ensure the Closes: from -17 gets picked up. Many thanks, Ian. PS My MUA seems to have mangled your name, sorry about that, I really need to sort out the config. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Mono - You Are There - The Flames Beyond The Cold Mountain signature.asc Description: Digital signature
Bug#421503: telnetd-ssl resets ssl settings on upgrade
* Ian Beckwith [Mon, 14 May 2007 03:19:41 +0100]: tags 421503 + pending thanks On Sun, Apr 29, 2007 at 02:19:29PM -0400, Shaya Potter wrote: However, every time it gets upgraded, this gets reset. to which I replied: : The good news is it doesn't happen on every upgrade, only on upgrades : from versions before the last change of the inetd line format. However, I've just realised you are right, if in.telnetd is given arguments in /etc/inetd.conf, the entry is rewritten on every upgrade. I've fixed this, added code to propagate inetd.conf in.telnetd arguments across upgrades, and asked my sponsor to upload. How's this upload going? If you're sponsor is busy or not available, I could review and upload if everything is fine. Cheers, -- Adeodato Simó dato at net.com.org.es Debian Developer adeodato at debian.org Listening to: Boards of Canada - Skyliner
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Thu, Aug 02, 2007 at 10:13:19PM +0200, Adeodato Simó wrote: How's this upload going? If you're sponsor is busy or not available, I could review and upload if everything is fine. Thanks. My sponsor never replied, and I've been meaning to prod him. There are a few minor packaging changes my AM suggested I make during the NM package review. I'll prepare a new package with the changes this weekend and email you. thanks, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Death in Vegas - The Contino Sessions - Dirge -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Sun, May 13, 2007 at 10:23:04PM -0400, Shaya Potter wrote: another thing to do would be to have it managed via debconf? I'm reluctant to do this as it means more questions for everyone who installs it to answer (there have been grumbles on the lists about 'debconf proliferation'), plus work for all the translators who would need to translate the debconf template. If enough people ask for this, I'll reconsider it. cheers, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Sisters of Mercy - When You Don't See Me (Remix) (Bonus Track) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
tags 421503 + pending thanks On Sun, Apr 29, 2007 at 02:19:29PM -0400, Shaya Potter wrote: However, every time it gets upgraded, this gets reset. to which I replied: : The good news is it doesn't happen on every upgrade, only on upgrades : from versions before the last change of the inetd line format. However, I've just realised you are right, if in.telnetd is given arguments in /etc/inetd.conf, the entry is rewritten on every upgrade. I've fixed this, added code to propagate inetd.conf in.telnetd arguments across upgrades, and asked my sponsor to upload. cheers, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA Listening to: Death in Vegas - Dead Elvis - Rematerialised -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#421503: telnetd-ssl resets ssl settings on upgrade
Processing commands for [EMAIL PROTECTED]: tags 421503 + pending Bug#421503: telnetd-ssl resets ssl settings on upgrade There were no tags set. Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
On Sun, Apr 29, 2007 at 02:19:29PM -0400, Shaya Potter wrote: i use telnetd-ssl and modify inetd.conf to only allow ssl secured connections. However, every time it gets upgraded, this gets reset. This would seem to be a major security hole to me. erm, good point. The good news is it doesn't happen on every upgrade, only on upgrades from versions before the last change of the inetd line format. The bad news is that this last happened in version 0.17.24+0.1-14, which means that sarge-etch upgrades will have this problem. The damage is already done, but in the next upload I'll add code to preserve the arguments to telnetd-ssl. thanks for the report, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#421503: telnetd-ssl resets ssl settings on upgrade
Package: telnetd-ssl Version: 0.17.24+0.1-16 Severity: critical i use telnetd-ssl and modify inetd.conf to only allow ssl secured connections. However, every time it gets upgraded, this gets reset. This would seem to be a major security hole to me. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (650, 'testing'), (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages telnetd-ssl depends on: ii adduser 3.102Add and remove users and groups ii base-files 4.0 Debian base system miscellaneous f ii dpkg1.13.25 package maintenance system for Deb ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries ii libncurses5 5.5-5Shared libraries for terminal hand ii libssl0.9.8 0.9.8e-4 SSL shared libraries ii openbsd-inetd [inet-superse 0.20050402-6 The OpenBSD Internet Superserver ii openssl 0.9.8e-4 Secure Socket Layer (SSL) binary a ii passwd 1:4.0.18.1-7 change and administer password and telnetd-ssl recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]