Your message dated Thu, 13 Jun 2013 21:21:52 +0000 with message-id <e1unexs-0001vh...@franck.debian.org> and subject line Bug#711172: fixed in phpbb3 3.0.11-4 has caused the Debian Bug report #711172, regarding phpbb3: creates world writable /var/cache/phpbb3/cache/phpbb3/data_hooks.php to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 711172: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711172 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: phpbb3 Version: 3.0.11-3 Severity: serious Tags: security User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package creates a world writable file: -rw-rw-rw- 1 root www-data 34 May 29 14:47 /var/cache/phpbb3/cache/phpbb3/data_hooks.php This was observed on upgrades from sid to experimental. So far I didn't notice it in any other install or upgrade path. Andreas
phpbb3_3.0.11-3.log.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---Source: phpbb3 Source-Version: 3.0.11-4 We believe that the bug you reported is fixed in the latest version of phpbb3, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 711...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Prévot <taf...@debian.org> (supplier of updated phpbb3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 13 Jun 2013 15:35:45 -0400 Source: phpbb3 Binary: phpbb3 phpbb3-l10n Architecture: source all Version: 3.0.11-4 Distribution: unstable Urgency: high Maintainer: Jeroen van Wolffelaar <jer...@wolffelaar.nl> Changed-By: David Prévot <taf...@debian.org> Description: phpbb3 - full-featured, skinnable non-threaded web forum phpbb3-l10n - additional language files for phpBB Closes: 711172 Changes: phpbb3 (3.0.11-4) unstable; urgency=high . * Fix chown in cache (closes: #711172) * Fix world-writable directories Checksums-Sha1: e0474d9313cc360918ad41ec99b05e5fbfe03279 14593 phpbb3_3.0.11-4.dsc 3a3732ec901885789f3a07112f0db0a06c4702b6 120744 phpbb3_3.0.11-4.debian.tar.gz 8245e03714277a0e9b17d55824b5eb17ea81de42 2288374 phpbb3_3.0.11-4_all.deb 22f2d6fc73b328154c3a2e6634bee1aa6a4587a7 8654618 phpbb3-l10n_3.0.11-4_all.deb Checksums-Sha256: 714b9eafef6c67295d2970f625e0e6f4d76a8a7f0f432a5b23983c1c12a6cde9 14593 phpbb3_3.0.11-4.dsc d6cc992d89382d081bc194f29e72a7813d92cf0221b34a0549f2540ef3823d02 120744 phpbb3_3.0.11-4.debian.tar.gz d725a6c0248755beec482e6ded512270a2789105395ca9775b87e56a8fb604c7 2288374 phpbb3_3.0.11-4_all.deb eb9ec67fa74c31f086a0a0b1900bf76cf6140bca149f342f6f6b96f14565ec27 8654618 phpbb3-l10n_3.0.11-4_all.deb Files: 1f3a621f39fc3eb469391fecc011e4fe 14593 web optional phpbb3_3.0.11-4.dsc 1c47f35b444ff740fd257d5db58567ae 120744 web optional phpbb3_3.0.11-4.debian.tar.gz b2ec4bef6ca9f105e980aa310ec95f02 2288374 web optional phpbb3_3.0.11-4_all.deb e2f893db1cb678a4f57411c7b5633d77 8654618 localization optional phpbb3-l10n_3.0.11-4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJRuiIPAAoJEAWMHPlE9r08MDcH+gJIcuB/BCW65mn94IOVEMwN jFzVDV5WQKtzr7eBOFUPlBvuc+IMaZCRo6lRfv1EbufbMJeDz/FrHmxGIywdHrf6 GI/dKkkK+JjZkz/yt+MCAADkTlwhCy9uOijuz52e7vsZwRIQsdSoJoJh/vE7+RBu OWU0xJvbPoeVE3XsFVeplAccDYyNrvNVii96fZQ0puBgsYmk0/+od/v8I+aWF58/ q45doMBaX+7p1kRxc/xJWCrzALheNQnl9EME6+sSL7fWLdVfKCfRuXZH/yTJDXqp Xu15/+lsASjUx2Rm4AcR67k3DWfEgDmkHX/FZAp8TxadA5n/XUu5mVAmMxTz+2g= =Tt67 -----END PGP SIGNATURE-----
--- End Message ---
