[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#693360: marked as done (RM: libpam-rsa -- RoST; unmaintained, buggy and dangerous)

Your message dated Sat, 19 Oct 2013 10:14:05 +0000
with message-id <E1VXTXp-0004uV-A8@franck.debian.org>
and subject line Bug#693360: Removed package(s) from oldstable
has caused the Debian Bug report #693360,
regarding RM: libpam-rsa -- RoST; unmaintained, buggy and dangerous
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
693360: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693360
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: libpam-rsa
Version: 0.8-9-2.4
Tags: security

* What led up to the situation?
1. I manually locked my screen using xscreensaver-command -lock.
2. I moved the pointer, causing the xscreensaver password screen to appear.
3. I moved the pointer some more and waited for the timeout to expire.

* What was the outcome of this action?
xscreensaver crashed with a segfault, and the screen was unlocked,
including a root shell window.

This is very repeatable.  It may be relevant that I use libpam-rsa
instead of the normal pam-unix for login. 

-- 
Ian Zimmerman
gpg public key: 1024D/C6FF61AD
fingerprint: 66DC D68F 5C1B 4D71 2EE5  BD03 8A00 786C C6FF 61AD
http://www.gravatar.com/avatar/c66875cda51109f76c6312f4d4743d1e.png
Rule 420: All persons more than eight miles high to leave the court.

--- End Message ---
--- Begin Message --- 
We believe that the bug you reported is now fixed; the following
package(s) have been removed from oldstable:

libpam-rsa |  0.8-9-2.2 | source, amd64, armel, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc

------------------- Reason -------------------
RoST; unmaintained, buggy and dangerous
----------------------------------------------

Note that the package(s) have simply been removed from the tag
database and may (or may not) still be in the pool; this is not a bug.
The package(s) will be physically removed automatically when no suite
references them (and in the case of source, when no binary references
it).  Please also remember that the changes have been done on the
master archive and will not propagate to any mirrors (ftp.debian.org
included) until the next dinstall run at the earliest.

Packages are usually not removed from testing by hand. Testing tracks
unstable and will automatically remove packages which were removed
from unstable when removing them from testing causes no dependency
problems. The release team can force a removal from testing if it is
really needed, please contact them if this should be the case.

Bugs which have been reported against this package are not automatically
removed from the Bug Tracking System.  Please check all open bugs and
close them or re-assign them to another package if the removed package
was superseded by another one.

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 693360@bugs.debian.org.

The full log for this bug can be viewed at http://bugs.debian.org/693360

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Archive Administrator (the ftpmaster behind the curtain)

--- End Message ---
Reply to: