Bug#683655: marked as done (gnome-keyring: gpg passphrase cached forever)

[Debian Bug Tracking System]

Your message dated Sun, 19 Aug 2012 21:03:02 +0000
with message-id <e1t3cee-0002bp...@franck.debian.org>
and subject line Bug#683655: fixed in gnome-keyring 3.4.1-5
has caused the Debian Bug report #683655,
regarding gnome-keyring: gpg passphrase cached forever
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
683655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683655
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: gnome-keyring
Version: 3.4.1-4
Severity: grave
Tags: security
Justification: user security hole

At some point gnome-keyring seemed to obey the configuration asking it
to stop caching passphrases after a while.  It no longer does.

$ gsettings list-recursively org.gnome.crypto.cache
org.gnome.crypto.cache gpg-cache-authorize false
org.gnome.crypto.cache gpg-cache-method 'idle'
org.gnome.crypto.cache gpg-cache-ttl 600

Yet I'm never asked for the passphrase again.

Cheers,
Julien

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable-updates'), (500, 
'proposed-updates'), (500, 'unstable'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gnome-keyring depends on:
ii  dbus-x11                                     1.6.2-2
ii  dconf-gsettings-backend [gsettings-backend]  0.12.1-2
ii  gcr                                          3.4.1-3
ii  libc6                                        2.13-35
ii  libcap-ng0                                   0.6.6-2
ii  libcap2-bin                                  1:2.22-1.1
ii  libdbus-1-3                                  1.6.2-2
ii  libgck-1-0                                   3.4.1-3
ii  libgcr-3-1                                   3.4.1-3
ii  libgcrypt11                                  1.5.0-3
ii  libglib2.0-0                                 2.32.3-1
ii  libgtk-3-0                                   3.4.2-2

Versions of packages gnome-keyring recommends:
ii  libpam-gnome-keyring  3.4.1-4

gnome-keyring suggests no packages.

-- no debconf information

signature.asc
Description: Digital signature

--- End Message ---

--- Begin Message ---

Source: gnome-keyring
Source-Version: 3.4.1-5

We believe that the bug you reported is fixed in the latest version of
gnome-keyring, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 683...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laurent Bigonville <bi...@debian.org> (supplier of updated gnome-keyring 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 19 Aug 2012 22:01:53 +0200
Source: gnome-keyring
Binary: gnome-keyring libpam-gnome-keyring
Architecture: source amd64
Version: 3.4.1-5
Distribution: unstable
Urgency: low
Maintainer: Josselin Mouette <j...@debian.org>
Changed-By: Laurent Bigonville <bi...@debian.org>
Description: 
 gnome-keyring - GNOME keyring services (daemon and tools)
 libpam-gnome-keyring - PAM module to unlock the GNOME keyring upon login
Closes: 683655
Changes: 
 gnome-keyring (3.4.1-5) unstable; urgency=low
 .
   * d/p/0001-schema-Update-description-for-gpg-cache-method.patch,
     d/p/0002-gpg-agent-Hook-up-the-TTL-cache-option.patch,
     d/p/0003-secret-store-Mark-a-secret-item-as-used-when-accesse.patch:
     Properly expire caching of the GPG passphrases (Taken from upstream)
     (Closes: #683655, CVE-2012-3466)
Checksums-Sha1: 
 e1764fb4c9685d5f5591e014ef8c65e33c29d706 2316 gnome-keyring_3.4.1-5.dsc
 0b7a75cc0949fe5968fb3f10d9e5e6fc5c73dcd0 18183 
gnome-keyring_3.4.1-5.debian.tar.gz
 79b6e0ca8456f28f049e7a46a3ee2a384966fe97 935506 gnome-keyring_3.4.1-5_amd64.deb
 919660dd51bc36f6d85878ea57131f8ded50c8f6 251224 
libpam-gnome-keyring_3.4.1-5_amd64.deb
Checksums-Sha256: 
 aee4370f0e26074ba9f79fd7d01f845409fc4b60ec8f7822b9b658bb3b388c3c 2316 
gnome-keyring_3.4.1-5.dsc
 ee2986fc14f5e379818ade0843b5c005844fcb9dcf216db88070258bd0dd7f5a 18183 
gnome-keyring_3.4.1-5.debian.tar.gz
 2571b729382b478ea6022fe9a45d128f61cf63fd35b39a5e2ad00ea15a96381b 935506 
gnome-keyring_3.4.1-5_amd64.deb
 ec2b7228d28bd531271dcb538a2ed600e37d32fa0311c516a1da66d3a5d03396 251224 
libpam-gnome-keyring_3.4.1-5_amd64.deb
Files: 
 6a0911d091f0c72c9aa497d587df87c5 2316 gnome optional gnome-keyring_3.4.1-5.dsc
 a6c4893d4ab660046a125ba9209d9687 18183 gnome optional 
gnome-keyring_3.4.1-5.debian.tar.gz
 54139ff2ddd75d3f508c957d496ca3e3 935506 gnome optional 
gnome-keyring_3.4.1-5_amd64.deb
 e23cc168be94e77aa025e6f759dc2727 251224 admin optional 
libpam-gnome-keyring_3.4.1-5_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJQMUhTAAoJEB/FiR66sEPVqdwH/399gEBQJMRBQtrzdA/veQyD
nF/WhCBIySC2wytfpvSqtNLXaMW99MWYnJee+0DwFEA4LEOjdHLJ5cxBXIcK7wN2
7pjtWa/l+Vus+0iVvKUPeFNVBioGKcY6dzETMshW9mEMHs1FbPYGbzPuyWZjBPTO
BSq/bOLkCRbl5BrHU+KVgu0IjoegoRwpAMaQ3RnHTGRXpG/zck6fKIH+4lZijDme
a4Wy+FMx0pBsCYMAx/vLRlS2OwNtMlpBK1Wzvj7T1udJo+cywlEU6eC0hC22MChy
JuXetF71ah05M8eeJ2TP027F2zbFfTzzv65S/76uUAbh0FTYtja7cjyKxizH9P4=
=XI09
-----END PGP SIGNATURE-----

--- End Message ---