
Bug#824503: marked as done (apt segfaults on a non-world-readable preferences.d file)



Your message dated Sat, 11 Jun 2016 16:34:42 +0000
with message-id <E1bBlru-0008Pb-Pl@franck.debian.org>
and subject line Bug#824503: fixed in apt 1.3~exp2
has caused the Debian Bug report #824503,
regarding apt segfaults on a non-world-readable preferences.d file
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
824503: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824503
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: apt
Version: 1.0.9.8.3
Severity: important

Dear Maintainer,


Running `apt list -upgradable`, as a regular user (without CAP_DAC_OVERRIDE)
  led to a segfault when `/etc/apt/preferences.d/unbound` wasn't world-readable.

Making that file world-readable made the issue disappear.

The entire configuration of the machine exhibiting the issue is available at
  https://github.com/hashbang/shell-etc/tree/5ce59efb07972588fa10e730b4a945b2cded44bb


Best regards,

  Keller Fuchs


-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "false";
APT::Install-Suggests "false";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^linux-headers-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^.*-modules-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-3\.16\.0-4-amd64$";
APT::NeverAutoRemove:: "^linux-tools-3\.16\.0-4-amd64$";
APT::VersionedKernelPackages "";
APT::VersionedKernelPackages:: "linux-image";
APT::VersionedKernelPackages:: "linux-headers";
APT::VersionedKernelPackages:: "linux-image-extra";
APT::VersionedKernelPackages:: "linux-signed-image";
APT::VersionedKernelPackages:: "kfreebsd-image";
APT::VersionedKernelPackages:: "kfreebsd-headers";
APT::VersionedKernelPackages:: "gnumach-image";
APT::VersionedKernelPackages:: ".*-modules";
APT::VersionedKernelPackages:: ".*-kernel";
APT::VersionedKernelPackages:: "linux-backports-modules-.*";
APT::VersionedKernelPackages:: "linux-tools";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Never-MarkAuto-Sections:: "oldlibs";
APT::Never-MarkAuto-Sections:: "restricted/oldlibs";
APT::Never-MarkAuto-Sections:: "universe/oldlibs";
APT::Never-MarkAuto-Sections:: "multiverse/oldlibs";
APT::Architectures "";
APT::Architectures:: "amd64";
APT::Compressor "";
APT::Compressor::. "";
APT::Compressor::.::Name ".";
APT::Compressor::.::Extension "";
APT::Compressor::.::Binary "";
APT::Compressor::.::Cost "1";
APT::Compressor::gzip "";
APT::Compressor::gzip::Name "gzip";
APT::Compressor::gzip::Extension ".gz";
APT::Compressor::gzip::Binary "gzip";
APT::Compressor::gzip::Cost "2";
APT::Compressor::gzip::CompressArg "";
APT::Compressor::gzip::CompressArg:: "-9n";
APT::Compressor::gzip::UncompressArg "";
APT::Compressor::gzip::UncompressArg:: "-d";
APT::Compressor::bzip2 "";
APT::Compressor::bzip2::Name "bzip2";
APT::Compressor::bzip2::Extension ".bz2";
APT::Compressor::bzip2::Binary "bzip2";
APT::Compressor::bzip2::Cost "3";
APT::Compressor::bzip2::CompressArg "";
APT::Compressor::bzip2::CompressArg:: "-9";
APT::Compressor::bzip2::UncompressArg "";
APT::Compressor::bzip2::UncompressArg:: "-d";
APT::Compressor::xz "";
APT::Compressor::xz::Name "xz";
APT::Compressor::xz::Extension ".xz";
APT::Compressor::xz::Binary "xz";
APT::Compressor::xz::Cost "4";
APT::Compressor::xz::CompressArg "";
APT::Compressor::xz::CompressArg:: "-6";
APT::Compressor::xz::UncompressArg "";
APT::Compressor::xz::UncompressArg:: "-d";
APT::Compressor::lzma "";
APT::Compressor::lzma::Name "lzma";
APT::Compressor::lzma::Extension ".lzma";
APT::Compressor::lzma::Binary "xz";
APT::Compressor::lzma::Cost "5";
APT::Compressor::lzma::CompressArg "";
APT::Compressor::lzma::CompressArg:: "--format=lzma";
APT::Compressor::lzma::CompressArg:: "-9";
APT::Compressor::lzma::UncompressArg "";
APT::Compressor::lzma::UncompressArg:: "--format=lzma";
APT::Compressor::lzma::UncompressArg:: "-d";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::solvers "";
Dir::Bin::solvers:: "/usr/lib/apt/solvers";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Bin::bzip2 "/bin/bzip2";
Dir::Bin::xz "/usr/bin/xz";
Dir::Bin::lzma "/usr/bin/xz";
Dir::Media "";
Dir::Media::MountPath "/media/cdrom";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.save$";
Dir::Ignore-Files-Silently:: "\.orig$";
Dir::Ignore-Files-Silently:: "\.distUpgrade$";
Acquire "";
Acquire::cdrom "";
Acquire::cdrom::mount "/media/cdrom";
Acquire::Languages "";
Acquire::Languages:: "en";
Acquire::Languages:: "none";
DPkg "";
DPkg::Pre-Invoke "";
DPkg::Pre-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi";
DPkg::Post-Invoke "";
DPkg::Post-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
RPM "";
RPM::Pre-Invoke "";
RPM::Pre-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi";
RPM::Post-Invoke "";
RPM::Post-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi";
Unattended-Upgrade "";
Unattended-Upgrade::Origins-Pattern "";
Unattended-Upgrade::Origins-Pattern:: "origin=Debian,codename=${distro_codename},label=Debian-Security";
CommandLine "";
CommandLine::AsString "apt-config dump";

-- /etc/apt/preferences --

# Give jessie priority over everything
Package: *
Pin: release n=jessie
Pin-Priority: 900

# Give stretch priority over unstable (which has the default 500 priority)
Package: *
Pin: release n=stretch
Pin-Priority: 800

-- /etc/apt/sources.list --

deb http://httpredir.debian.org/debian/  jessie main contrib non-free
deb-src http://httpredir.debian.org/debian/  jessie main contrib non-free

deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free

# Backports.  Must be enabled per-package using a pin
deb http://httpredir.debian.org/debian/      jessie-backports main contrib non-free
deb-src http://httpredir.debian.org/debian/  jessie-backports main contrib non-free

# Newer releases.  Use with care and pin.
deb http://httpredir.debian.org/debian/     stretch main contrib non-free
deb-src http://httpredir.debian.org/debian/ stretch main contrib non-free

-- System Information:
Debian Release: 8.4
  APT prefers stable
  APT policy: (900, 'stable'), (800, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt depends on:
ii  debian-archive-keyring  2014.3
ii  gnupg                   1.4.18-7+deb8u1
ii  libapt-pkg4.12          1.0.9.8.3
ii  libc6                   2.19-18+deb8u4
ii  libgcc1                 1:4.9.2-10
ii  libstdc++6              6.1.1-1

apt recommends no packages.

Versions of packages apt suggests:
pn  apt-doc     <none>
ii  aptitude    0.6.11-1+b1
ii  dpkg-dev    1.17.26
ii  python-apt  0.9.3.12

-- no debconf information

--- End Message ---
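A check an administrator could run to find the files that meet the condition in the report above (an APT configuration file that is not world-readable). This is an added example, not code from the report or from the apt project; the function name `apt_unreadable_config` and its optional root argument are assumptions, and the paths are the `Dir::Etc` values shown in the `apt-config dump`.

```sh
#!/bin/sh
# Added example: list APT configuration files and fragment directories
# that lack read permission for "other" users, the condition the report
# ties to the crash when apt runs as a regular user.
# Only the "other" mode bits are inspected; group membership and ACLs
# are not considered, matching the report's "world-readable" wording.
#
# Usage: apt_unreadable_config          # inspect /etc/apt
#        apt_unreadable_config /chroot  # inspect /chroot/etc/apt
apt_unreadable_config() {
    root="${1:-/}"
    etc="${root%/}/etc/apt"

    # Single files: Dir::Etc::main, ::preferences, ::sourcelist
    for f in apt.conf preferences sources.list; do
        if [ -f "$etc/$f" ]; then
            find "$etc/$f" ! -perm -004 -print
        fi
    done

    # Fragment directories: Dir::Etc::parts, ::preferencesparts, ::sourceparts
    for d in apt.conf.d preferences.d sources.list.d; do
        if [ -d "$etc/$d" ]; then
            # The directory itself needs o+r (list) and o+x (traverse).
            find "$etc/$d" -maxdepth 0 ! -perm -005 -print
            # Each fragment file needs o+r.
            find "$etc/$d" -maxdepth 1 -type f ! -perm -004 -print
        fi
    done
    return 0
}
```

An empty result means every checked path is world-readable; any printed path is a candidate for the behaviour described in the report.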
--- Begin Message ---
Source: apt
Source-Version: 1.3~exp2

We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 824503@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julian Andres Klode <jak@debian.org> (supplier of updated apt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 11 Jun 2016 17:23:19 +0200
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.3~exp2
Distribution: experimental
Urgency: medium
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 apt        - commandline package manager
 apt-doc    - documentation for APT
 apt-transport-https - https download transport for APT
 apt-utils  - package management related utility programs
 libapt-inst2.0 - deb package format runtime library
 libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - documentation for APT development
 libapt-pkg5.0 - package management runtime library
Closes: 819697 824456 824503 824702 825396 825742 826043 826291
Changes:
 apt (1.3~exp2) experimental; urgency=medium
 .
   [ Johannes 'josch' Schauer ]
   * edsp: document unique package identifiers
 .
   [ David Kalnischkies ]
   * edsp: warn if unexpected stanzas appear in the solution
   * show globalerrors before asking for confirmation
   * show final solution in --no-download --fix-missing mode
   * document --no- as --show-upgraded is the default (Closes: 824456)
   * fail instead of segfault on unreadable config files (Closes: 824503)
   * convert EDSP to be based on FileFd instead of FILE*
   * edsp: dump: support dumping into compressed file
   * edsp: add Forbid-{New-Install,Remove} and Upgrade-All
   * update symbols file
   * no-change bump of Standards-Version to 3.9.8
   * override lintian on doxygens embedded-javascript-library
   * fix and document on the fly compressor config
   * prevent C++ locale number formatting in text APIs (Closes: #825396)
   * accept only the expected UTC timezones in date parsing (Closes: 819697)
   * avoid changing the global LC_TIME for Release writing
   * use de-localed std::put_time instead rolling our own
   * use std::locale::global instead of setlocale
   * look into the right textdomain for apt-utils again
   * try to detect sudo spawned root-shell in prefixing (Closes: 825742)
   * ignore std::locale exception on non-existent "" locale
   * apt-key: change to / before find to satisfy its CWD needs.
     Thanks to Samuel Thibault for 'finding' the culprit! (Closes: 826043)
   * edsp: use an ID mapping for the internal solver
   * edsp: use a stanza based interface for solution writing
   * edsp: optionally store a compressed copy of the last scenario
   * move 'dump' solver from apt-utils to apt package
   * edsp: if internal is used, keep this decision
   * edsp: if logging is requested, do it for internal, too
   * edsp: drop privileges before executing solvers
   * don't explicitly configure the last round of packages
   * drop Dpkg::MaxArgs in favor of Dpkg::MaxArgsBytes
   * do not hang on piped input in PipedFileFdPrivate
   * don't leak an FD in lz4 (de)compression
   * don't leak EDSP solver output fd
   * don't leak FD in AutoProxyDetect command return parsing
 .
   [ Julian Andres Klode ]
   * Provide complete apt bash completion.
     Thanks to Elias Fröhner and Svyatoslav Gryaznov for the initial work
     (LP: #1573547)
   * apt.systemd.daily: Put opening brace of check_power on extra line
     (LP: #1581985)
   * Add conflicting Signed-By values to error message
   * Normalize Signed-By values by removing trailing commas everywhere
   * Pass -fvisibility-inlines-hidden to g++
 .
   [ Zhou Mo ]
   * zh_CN.po: update simplified Chinese translation.
 .
   [ Yuri Kozlov ]
   * Russian program translation update (Closes: 824702)
 .
   [ Takuma Yamada ]
   * Japanese program translation update (Closes: 826291)
Checksums-Sha1:
 20fbb0afa8a99cbe3f6a2d9fd2461280d7fe369b 2353 apt_1.3~exp2.dsc
 7a586fb02e7035bf34adad7108dd67a10e8d7990 2066088 apt_1.3~exp2.tar.xz
Checksums-Sha256:
 e6b3d0f9870343260da30f946a751120991d0a2edf22483dbd7bc903cf845983 2353 apt_1.3~exp2.dsc
 29a88df31a680a31d7035ac8f8befebe5a34c8843c45dfc915f43f3c8dba6d43 2066088 apt_1.3~exp2.tar.xz
Files:
 210c78a3191970ee669aeef8e00c8147 2353 admin important apt_1.3~exp2.dsc
 0b0a68913dd3934141f340f7230ae7a1 2066088 admin important apt_1.3~exp2.tar.xz


--- End Message ---
