Bug#950257: buster-pu: package debian-edu-config/2.10.65+deb10u4
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
Dear Release Team,
on behalf of the Debian Edu team, I just uploaded a fix for Debian bug #941001 to buster (2.10.65+deb10u4).
>From the changelog:
+ [ Dominik George ]
+ * Keep proxy settings on client if wpad is unreachable (Closes: #941001).
The nastiness of this bug in a deployed Debian Edu site is described in
the bug referred to above. TL;DR; Clients loose internet access if the WPAD
server was unreachable during boot (which happens quite often for
wireless notebook machines). One consequence of this is APT
unattended-upgrades failing most of the time on those machines.
Thanks+Greets,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru debian-edu-config-2.10.65+deb10u3/debian/changelog debian-edu-config-2.10.65+deb10u4/debian/changelog
--- debian-edu-config-2.10.65+deb10u3/debian/changelog 2019-12-16 16:29:19.000000000 +0100
+++ debian-edu-config-2.10.65+deb10u4/debian/changelog 2020-01-30 17:23:38.000000000 +0100
@@ -1,3 +1,10 @@
+debian-edu-config (2.10.65+deb10u4) buster; urgency=medium
+
+ [ Dominik George ]
+ * Keep proxy settings on client if wpad is unreachable (Closes: #941001).
+
+ -- Mike Gabriel <sunweaver@debian.org> Thu, 30 Jan 2020 17:23:38 +0100
+
debian-edu-config (2.10.65+deb10u3) buster-security; urgency=high
* Security fix for CVE-2019-3467
diff -Nru debian-edu-config-2.10.65+deb10u3/share/debian-edu-config/tools/update-proxy-from-wpad debian-edu-config-2.10.65+deb10u4/share/debian-edu-config/tools/update-proxy-from-wpad
--- debian-edu-config-2.10.65+deb10u3/share/debian-edu-config/tools/update-proxy-from-wpad 2019-12-16 16:29:19.000000000 +0100
+++ debian-edu-config-2.10.65+deb10u4/share/debian-edu-config/tools/update-proxy-from-wpad 2020-01-30 17:23:38.000000000 +0100
@@ -83,7 +83,7 @@
# proxy.
http_proxy=
-eval `/usr/share/debian-edu-config/tools/wpad-extract`
+. /usr/share/debian-edu-config/tools/wpad-extract >/dev/null || exit 1
ftp_proxy=$http_proxy
https_proxy=$http_proxy
diff -Nru debian-edu-config-2.10.65+deb10u3/share/debian-edu-config/tools/wpad-extract debian-edu-config-2.10.65+deb10u4/share/debian-edu-config/tools/wpad-extract
--- debian-edu-config-2.10.65+deb10u3/share/debian-edu-config/tools/wpad-extract 2019-12-16 16:29:19.000000000 +0100
+++ debian-edu-config-2.10.65+deb10u4/share/debian-edu-config/tools/wpad-extract 2020-01-30 17:23:38.000000000 +0100
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
#
# Detect proxy URL via WPAD
#
@@ -11,5 +11,10 @@
# DNS if the skolelinux machines are not connected to the Internet.
proxy_url=$(curl -s http://wpad/wpad.dat | pactester -p - \
-u http://130.89.148.14 | awk '{print $2}' | cut -d';' -f1)
-echo http_proxy=http://$proxy_url
+if [ "$proxy_url" ]; then
+ http_proxy=http://$proxy_url
+ echo http_proxy=$http_proxy
+else
+ return 1
+fi
diff -Nru debian-edu-config-2.10.65+deb10u3/testsuite/webcache debian-edu-config-2.10.65+deb10u4/testsuite/webcache
--- debian-edu-config-2.10.65+deb10u3/testsuite/webcache 2019-12-16 16:29:19.000000000 +0100
+++ debian-edu-config-2.10.65+deb10u4/testsuite/webcache 2020-01-30 17:23:38.000000000 +0100
@@ -69,7 +69,7 @@
# Subshell to avoid leaking http_proxy and ftp_proxy variables to
# the rest of this script
(
- eval `/usr/share/debian-edu-config/tools/wpad-extract`
+ . /usr/share/debian-edu-config/tools/wpad-extract >/dev/null
if [ "$http_proxy" ] ; then
echo "success: $0: WPAD file '$url' includes HTTP proxy info."
else
Reply to: