Bug#693359: marked as done (RM: libpam-rsa -- RoST; unmaintained, buggy and dangerous)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#693359: marked as done (RM: libpam-rsa -- RoST; unmaintained, buggy and dangerous)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 17 Nov 2012 12:15:05 +0000
Message-id: <[🔎] handler.693359.D693359.135315439110386.ackdone@bugs.debian.org>
References: <1353154293.22859.21.camel@jacala.jungle.funky-badger.org> <87mwymv4t5.fsf@foolinux.dyndns.org>

Your message dated Sat, 17 Nov 2012 12:11:33 +0000
with message-id <1353154293.22859.21.camel@jacala.jungle.funky-badger.org>
and subject line Re: Processed: Re: segfault in xscreensaver, screen revealed
has caused the Debian Bug report #693359,
regarding RM: libpam-rsa -- RoST; unmaintained, buggy and dangerous
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
693359: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693359
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: segfault in xscreensaver, screen revealed
From: Ian Zimmerman <itz@buug.org>
Date: Mon, 12 Nov 2012 14:23:34 -0800
Message-id: <87mwymv4t5.fsf@foolinux.dyndns.org>

Package: libpam-rsa
Version: 0.8-9-2.4
Tags: security

* What led up to the situation?
1. I manually locked my screen using xscreensaver-command -lock.
2. I moved the pointer, causing the xscreensaver password screen to appear.
3. I moved the pointer some more and waited for the timeout to expire.

* What was the outcome of this action?
xscreensaver crashed with a segfault, and the screen was unlocked,
including a root shell window.

This is very repeatable.  It may be relevant that I use libpam-rsa
instead of the normal pam-unix for login. 

-- 
Ian Zimmerman
gpg public key: 1024D/C6FF61AD
fingerprint: 66DC D68F 5C1B 4D71 2EE5  BD03 8A00 786C C6FF 61AD
http://www.gravatar.com/avatar/c66875cda51109f76c6312f4d4743d1e.png
Rule 420: All persons more than eight miles high to leave the court.

--- End Message ---

--- Begin Message ---

To: 693359-done@bugs.debian.org

Cc: Yves-Alexis Perez <corsac@debian.org>

Subject: Re: Processed: Re: segfault in xscreensaver, screen revealed

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 17 Nov 2012 12:11:33 +0000

Message-id: <1353154293.22859.21.camel@jacala.jungle.funky-badger.org>

In-reply-to: <[🔎] handler.s.C.13530082928499.transcript@bugs.debian.org>

References: <[🔎] 1353008190.547.9.camel@jacala.jungle.funky-badger.org> <[🔎] handler.s.C.13530082928499.transcript@bugs.debian.org>
On Thu, 2012-11-15 at 19:39 +0000, Debian Bug Tracking System wrote:
> Processing commands for control@bugs.debian.org:
> 
> > clone 693087 -1 -2 -3
> Bug #693087 [libpam-rsa] segfault in xscreensaver, screen revealed
> Bug 693087 cloned as bugs 693358-693360
> > reassign -1 ftp.debian.org
[...]
> > reassign -2 release.debian.org
> Bug #693359 [libpam-rsa] segfault in xscreensaver, screen revealed

ftp-master processed the unstable removal, and the package is
automagically no longer in testing; closing the testing RM bug.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Re: libnet-server-coro-perl_1.3-1_amd64.changes ACCEPTED into unstable
Next by Date: qcontrol update for Wheezy
Previous by thread: Re: Pre-approval request for catdoc
Next by thread: qcontrol update for Wheezy
Index(es):
- Date
- Thread