Bug#688945: marked as done (unblock: condor/7.8.2~dfsg.1-1+deb7u1)

To: Mehdi Dogguy <mehdi@dogguy.org>
Subject: Bug#688945: marked as done (unblock: condor/7.8.2~dfsg.1-1+deb7u1)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Thu, 27 Sep 2012 13:57:06 +0000
Message-id: <[🔎] handler.688945.D688945.134875401923015.ackdone@bugs.debian.org>
References: <50645A13.1070709@dogguy.org> <[🔎] 20120927073326.9831.317.reportbug@meiner>

Your message dated Thu, 27 Sep 2012 15:52:19 +0200
with message-id <50645A13.1070709@dogguy.org>
and subject line Re: Bug#688945: unblock: condor/7.8.2~dfsg.1-1+deb7u1
has caused the Debian Bug report #688945,
regarding unblock: condor/7.8.2~dfsg.1-1+deb7u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
688945: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688945
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: condor/7.8.2~dfsg.1-1+deb7u1
From: Michael Hanke <mih@debian.org>
Date: Thu, 27 Sep 2012 09:33:26 +0200
Message-id: <[🔎] 20120927073326.9831.317.reportbug@meiner>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package condor. thanks!

The version in unstable fixes four CVE issues that are present in the
current version in wheezy.

Changelog
---------

condor (7.8.2~dfsg.1-1+deb7u1) unstable; urgency=high

  * Security update. This release addresses four CVE issues (Closes: #688210):
    - Security Item: Some code that was no longer used was removed. The presence
      of this code could expose information which would allow an attacker to
      control another user's job. (CVE-2012-3493)
    - Security Item: Some code that was no longer used was removed. The presence
      of this code could have lead to a Denial-of-Service attack which would
      allow an attacker to remove another user's idle job. (CVE-2012-3491)
    - Security Item: Filesystem (FS) authentication was improved to check the
      UNIX permissions of the directory used for authentication. Without this,
      an attacker may have been able to impersonate another submitter on the
      same submit machine. (CVE-2012-3492)
    - Security item: Check setuid return value (CVE-2012-3490)

 -- Michael Hanke <mih@debian.org>  Wed, 26 Sep 2012 16:10:17 +0200

Debdiff
-------

% debdiff condor_7.8.2\~dfsg.1-1_i386.changes condor_7.8.2\~dfsg.1-1+deb7u1_i386.changes
File lists identical (after any substitutions)

Control files of package condor: lines which differ (wdiff format)
------------------------------------------------------------------
Installed-Size: [-12465-] {+12464+}
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}

Control files of package condor-dbg: lines which differ (wdiff format)
----------------------------------------------------------------------
Depends: condor (= [-7.8.2~dfsg.1-1)-] {+7.8.2~dfsg.1-1+deb7u1)+}
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}

Control files of package condor-dev: lines which differ (wdiff format)
----------------------------------------------------------------------
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}

Control files of package condor-doc: lines which differ (wdiff format)
----------------------------------------------------------------------
Installed-Size: [-6132-] {+6133+}
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}

Control files of package libclassad-dev: lines which differ (wdiff format)
--------------------------------------------------------------------------
Depends: libclassad3 (= [-7.8.2~dfsg.1-1)-] {+7.8.2~dfsg.1-1+deb7u1)+}
Installed-Size: [-2158-] {+2159+}
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}

Control files of package libclassad3: lines which differ (wdiff format)
-----------------------------------------------------------------------
Version: [-7.8.2~dfsg.1-1-] {+7.8.2~dfsg.1-1+deb7u1+}



Added patches are attached.

unblock condor/7.8.2~dfsg.1-1+deb7u1

--- End Message ---

--- Begin Message ---

To: Michael Hanke <mih@debian.org>, 688945-done@bugs.debian.org

Subject: Re: Bug#688945: unblock: condor/7.8.2~dfsg.1-1+deb7u1

From: Mehdi Dogguy <mehdi@dogguy.org>

Date: Thu, 27 Sep 2012 15:52:19 +0200

Message-id: <50645A13.1070709@dogguy.org>

In-reply-to: <[🔎] 20120927073326.9831.317.reportbug@meiner>

References: <[🔎] 20120927073326.9831.317.reportbug@meiner>
On 27/09/2012 09:33, Michael Hanke wrote:
Please unblock package condor. thanks!

The version in unstable fixes four CVE issues that are present in the
current version in wheezy.
Unblocked.

Please make sure you don't introduce new files in future uploads.
A debdiff reveals those:
 .pc/.quilt_patches          |    1
 .pc/.quilt_series           |    1
 .pc/.version                |    1

Regards,

--
Mehdi Dogguy مهدي الدڤي
--- End Message ---

Reply to:

References:
- Bug#688945: unblock: condor/7.8.2~dfsg.1-1+deb7u1
  - From: Michael Hanke <mih@debian.org>

Prev by Date: Bug#688876: marked as done (unblock: mathematica-fonts/15)
Next by Date: Bug#688966: Review midgard2-core package
Previous by thread: Bug#688945: unblock: condor/7.8.2~dfsg.1-1+deb7u1
Next by thread: Bug#688953: freeze-exception: nvidia-graphics-drivers/304.48-3 - libgl1-nvidia-glx package split
Index(es):
- Date
- Thread