Your message dated Wed, 03 Feb 2010 06:47:13 +0000
with message-id <e1ncz17-0005ou...@ries.debian.org>
and subject line Bug#499076: fixed in acl 2.2.49-2
has caused the Debian Bug report #499076,
regarding CVE-2009-4411: Physical walk no longer ignores all symlinks
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
499076: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499076
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: acl
Version: 2.2.47-2
After upgrading a system from Etch to Lenny, we are having some problems
with our backup scripts which rely on getfacl/getfattr.
Previously we had been using "getfacl -RP ..." to recursively dump all
the ACLs in a number of directories which are also Samba shares. Because
we use the DFS features of Samba, we have numerous intentional
"dangling" symlinks in these directories. However, now this is causing
getfacl to exit with non-zero status and spew lots of unwanted output to
stderr.
A simple test case to reproduce the problem:
#!/bin/sh
ln -f -s no_such_file foo
getfacl -RP . > dev/null
echo $?
Output on Etch:
0
Output on Lenny:
getfacl: ./foo: No such file or directory
1
I realise that upstream changed the behaviour at some point there, as
the manpage description of the -P option differs between Etch/Lenny.
However, we still need a way to ignore all symlinks - if the current
behaviour is be design (I don't understand why this would be desirable),
then can we have another option to completely ignore symlinks?
Thanks,
Kevin.
--- End Message ---
--- Begin Message ---
Source: acl
Source-Version: 2.2.49-2
We believe that the bug you reported is fixed in the latest version of
acl, which is due to be installed in the Debian FTP archive:
acl_2.2.49-2.debian.tar.bz2
to main/a/acl/acl_2.2.49-2.debian.tar.bz2
acl_2.2.49-2.dsc
to main/a/acl/acl_2.2.49-2.dsc
acl_2.2.49-2_amd64.deb
to main/a/acl/acl_2.2.49-2_amd64.deb
libacl1-dev_2.2.49-2_amd64.deb
to main/a/acl/libacl1-dev_2.2.49-2_amd64.deb
libacl1_2.2.49-2_amd64.deb
to main/a/acl/libacl1_2.2.49-2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 499...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <ani...@debian.org> (supplier of updated acl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 02 Feb 2010 11:40:55 +1100
Source: acl
Binary: acl libacl1-dev libacl1
Architecture: source amd64
Version: 2.2.49-2
Distribution: unstable
Urgency: low
Maintainer: Nathan Scott <nath...@debian.org>
Changed-By: Anibal Monsalve Salazar <ani...@debian.org>
Description:
acl - Access control list utilities
libacl1 - Access control list shared library
libacl1-dev - Access control list static libraries and headers
Closes: 499076
Changes:
acl (2.2.49-2) unstable; urgency=low
.
* Debian source format is 3.0 (quilt)
Add 01-Makefile.patch
* Fix CVE-2009-4411
Refer to https://savannah.nongnu.org/bugs/?28131
Add 02-499076-physical-walk.patch
Patch by Markus Steinborn
Closes: 499076
* Fix debhelper-but-no-misc-depends
* Fix out-of-date-standards-version
* Fix no-upstream-changelog
Checksums-Sha1:
96df8d8914069820fa18fb35c96b900b3fbf9fe2 1877 acl_2.2.49-2.dsc
151c9f0918e3c2a009377b1642f02b68e6a7ed0b 6381 acl_2.2.49-2.debian.tar.bz2
3f918a194af9b1ff3701bb6388150bc1d73b096e 64480 acl_2.2.49-2_amd64.deb
28feace19539a9f9fb8e3a23d347845d4b746d8d 90282 libacl1-dev_2.2.49-2_amd64.deb
c8fe41a31927de984fe81e9c6706fa417bab3009 28164 libacl1_2.2.49-2_amd64.deb
Checksums-Sha256:
1d87ce4533f0eb3d7b5a113f1343ad96fc51f560a082bf94948825dab486d0e8 1877
acl_2.2.49-2.dsc
8af6f97cde3288a77ca7d0d78f29fb4c5b8f1e0a8ed0d15d2711d3521532f18a 6381
acl_2.2.49-2.debian.tar.bz2
fae89b3fbdc91916501d358208db2b1223bc018296defdc47c9112d99bd26734 64480
acl_2.2.49-2_amd64.deb
5821a2dcb9c6cedbfcc1f6a42d1ee8e266d4982400afa1d6630dcb16a0668a8b 90282
libacl1-dev_2.2.49-2_amd64.deb
9c0a5d07d278689b558579262141d8e00b08299ba895aa78a75fd4e7784a940c 28164
libacl1_2.2.49-2_amd64.deb
Files:
4ba53c3be66f9241927aa8b5ca119ce9 1877 utils optional acl_2.2.49-2.dsc
98f9c3ff5b03addd1f2ee7f6e603b75a 6381 utils optional
acl_2.2.49-2.debian.tar.bz2
447955e3e7c4ecddcd25c62eb80e6404 64480 utils optional acl_2.2.49-2_amd64.deb
f12bd013c27a5233af60ab5cdbb2199b 90282 libdevel extra
libacl1-dev_2.2.49-2_amd64.deb
cfa7d4646dda9be7d8f285f8d3f6473f 28164 libs required libacl1_2.2.49-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLaRoCAAoJEHxWrP6UeJfY0/EQALuJbqBREP2gteNFtiRJrbX/
dIdUMpsDbZd10Cn2naFMT6xw9sa2/vkvO24lgxJfRCW0F9QQCF+fAF5jOHg+WJ4g
VhVAMlYIbh0waEwNkFcGyi4CLJ4Q2RJBYI4TAoTgXyD4TGWMy1RkFnVFrUbM4Nhb
15xIs2j/+rvRsaWThlYwh/GtJtJmKQCRdS8u7M+hyEKp85QfxU1LZ85/dre01dQC
Ja80fMCsNxIhxuzCuYHV3tKKiDfz/hkXVlo+6sRrziVEIIZhSVjzEpNbTm+rm+u4
UavIP7CxqHxfKfVF67dzff3VjMK+gA0F3JGQIxCZVXn9oePWVmDC7Lu7NFhpcpjp
iXJ9cn2Wpu3h6SqM6i+Gr9DIeVDrAljYVtU+hOprowVJ9ZxOBf7EgUWJaEGWKnYf
hZ46XWQiJOO7IJJJVBEf2hh0SPu5uiWfgPn4GpOmW4UqMyJSF1UzLYrCUFqWsEOl
gfaAWxqSM1/Ka2zJTlGs7cBhnf1wuTYdAxwMpujoeF+2UpRF7TxDRqHr2ojBLXrl
zYW48VgzJ+YuVZeIM96VAF8gi++uYzIhsQzNB6ijCoHXyPq/VwEFbOS+ErgBtGx6
hTKljRwnQLoWRCEyoEY45Aq8nivM+9PPM5T8dm6huM/KydSQpsDCWRd9l8pXFGfN
sIRZuQZvItfgC0ir2AiD
=//QU
-----END PGP SIGNATURE-----
--- End Message ---
