[dev] [surf] Grave bug reported for Surf in Debian
Hello all, I'm just forwarding a bug reported on surf Debian package [1]. This bug makes package unfit for Wheezy release. (I'm not the maintainer of package only did a recent QA upload.) [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659296 Best Regards -- Vasudev Kamath http://blog.copyninja.info http://identi.ca/vasudev copyni...@frndk.de signature.asc Description: Digital signature
Re: [dev] [surf] Grave bug reported for Surf in Debian
On 16:42 Fri 10 Feb , Nick wrote: > 'Grave' eh? That seems like an exageration, to me. Just for information *Grave* doesn't literally mean its a *Grave* bug, but its a severity level used by Debian bugzilla [1]. Grave in technical terms of debian Just means "makes the package in question unusable or mostly so, or causes data loss, or introduces a security hole allowing access to the accounts of users who use the package" In this case its just saying a security hole is present in the software. [1] http://www.debian.org/Bugs/Developer#severities @Peter thanks for providing the patch quickly Thanks folks. -- Vasudev Kamath http://blog.copyninja.info http://identi.ca/vasudev copyni...@frndk.de signature.asc Description: Digital signature
Re: [dev] [surf] Grave bug reported for Surf in Debian
On 11:46 Fri 10 Feb , Peter Hartman wrote: > Fixed. Hello Peter thanks for the patch. Can the permission for cookies.txt can be changed to 0600 instead of 0644?. Best Regards -- Vasudev Kamath http://blog.copyninja.info http://identi.ca/vasudev vasu...@joindiaspora.com (Ostatus) signature.asc Description: Digital signature
Re: [dev] [surf] Grave bug reported for Surf in Debian
For your information. I applied your patch and it was uploaded to Debian. But I got this mail after it is accepted to Debian. If you can provide me a patch which will help saving the surf package in Debian it would be great. PS: I'm just trying to save surf package on Debian - Forwarded message from Florian Weimer - Date: Fri, 10 Feb 2012 23:18:36 +0100 From: Florian Weimer To: Vasudev Kamath Subject: Re: Accepted surf 0.4.1-6 (source i386) * Vasudev Kamath: > surf (0.4.1-6) unstable; urgency=high > . >* QA upload. >* debian/patches: > + Added fix-insecure-permissions.patch to fix world readable cookie jar >vulnerability CVE-2012-0842. (Closes: #659296) - g_mkdir_with_parents(apath, 0755); + g_mkdir_with_parents(apath, 0700); I think you should also downgrade the permissions from 0755 if the directory exists (in case we want to keep the package alive, which I doubt). - End forwarded message - Best Regards -- Vasudev Kamath http://blog.copyninja.info http://identi.ca/vasudev vasu...@joindiaspora.com (Ostatus) signature.asc Description: Digital signature
Re: [dev] [surf] Grave bug reported for Surf in Debian
On Sat, Feb 11, 2012 at 3:14 PM, Anselm R Garbe wrote: > On 11 February 2012 04:13, Vasudev Kamath wrote: >> For your information. I applied your patch and it was uploaded to >> Debian. But I got this mail after it is accepted to Debian. If you can >> provide me a patch which will help saving the surf package in >> Debian it would be great. > > See attached, same as Florian suggested. Hello Anslem, It looks like same patch as the one Peter sent. Am I right? Best Regards -- Vasudev Kamath http://vasudevkamath.blogspot.com http://identi.ca/vasudev http://twitter.com/vasudevkamath
Re: [dev] Problem with dwm while using locale kn_IN
On 09:52 Mon 12 Nov , Carlos Torres wrote:
> Could you provide more information, like dwm version, font, and bank
> account?
dwm version is 6.0,
font is -*-lucidabright-medium-r-*-*-*-100-*-*-*-*-*-*
bank account??
--
Vasudev Kamath
http://copyninja.info
Connect on ~friendica: copyninja@{frndk.de | vasudev.homelinux.net}
IRC nick: copyninja | vasudev {irc.oftc.net | irc.freenode.net}
GPG Key: C517 C25D E408 759D 98A4 C96B 6C8F 74AE 8770 0B7E
signature.asc
Description: Digital signature
