Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Jose Carlos Garcia Sogo <jsogo@debian.org>: Bug#357392; Package beagle.
(full text, mbox, link).
Acknowledgement sent to James McCaw <james.mccaw@gmail.com>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Jose Carlos Garcia Sogo <jsogo@debian.org>.
(full text, mbox, link).
Package: beagle
Version: 0.2.2.1-1
Severity: grave
Tags: security
Justification: user security hole
Speaks for itself really...
jamesm@feathertop:~% cat `which beagle-status`
#!/bin/sh
if [ -x "./beagle-info" ]; then
CMD="./beagle-info"
else
CMD="beagle-info"
fi
watch -n 5 $CMD --status
Solution: Replace beagle-status with new script
#!/bin/sh
watch -n 5 beagle-info --status
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)
Versions of packages beagle depends on:
ii bash 3.1-3 The GNU Bourne Again SHell
ii libatk1.0-0 1.10.3-1 The ATK accessibility toolkit
ii libc6 2.3.6-3 GNU C Library: Shared libraries an
ii libcairo2 1.0.2-3 The Cairo 2D vector graphics libra
ii libexif12 0.6.13-4 library to parse EXIF files
ii libfontconfig1 2.3.2-5 generic font configuration library
ii libgalago-cil 0.3.2-4 CLI bindings for libgalago
ii libgconf2.0-cil 2.8.2-1 CLI binding for GConf 2.12
ii libglade2.0-cil 2.8.2-1 CLI binding for the Glade librarie
ii libglib2.0-0 2.8.6-1 The GLib library of C routines
ii libglib2.0-cil 2.8.2-1 CLI binding for the GLib utility l
ii libgmime2.1-cil 2.1.19-1 CLI binding for the MIME library,
ii libgnome2.0-cil 2.8.2-1 CLI binding for GNOME 2.12
ii libgnomevfs2-0 2.12.2-7 GNOME virtual file-system (runtime
ii libgtk2.0-0 2.8.13-1 The GTK+ graphical user interface
ii libgtk2.0-cil 2.8.2-1 CLI binding for the GTK+ toolkit 2
ii libice6 6.9.0.dfsg.1-4 Inter-Client Exchange library
ii libmono0 1.1.13.2-1 libraries for the Mono JIT
ii libpango1.0-0 1.10.4-1 Layout and rendering of internatio
ii librsvg2-2 2.12.7-5 SAX-based renderer library for SVG
ii libsm6 6.9.0.dfsg.1-4 X Window System Session Management
ii libsqlite0 2.8.16-1 SQLite shared library
ii libx11-6 6.9.0.dfsg.1-4 X Window System protocol client li
ii libxcursor1 1.1.3-1 X cursor management library
ii libxext6 6.9.0.dfsg.1-4 X Window System miscellaneous exte
ii libxi6 6.9.0.dfsg.1-4 X Window System Input extension li
ii libxinerama1 6.9.0.dfsg.1-4 X Window System multi-head display
ii libxrandr2 6.9.0.dfsg.1-4 X Window System Resize, Rotate and
ii libxrender1 1:0.9.0.2-1 X Rendering Extension client libra
ii libxss1 6.9.0.dfsg.1-4 X Screen Saver client-side library
ii mono-classlib-1.0 1.1.13.2-1 Mono class library (1.0)
ii mono-jit 1.1.13.2-1 fast CLI JIT/AOT compiler for Mono
Versions of packages beagle recommends:
ii beagle-backend-evolution 0.2.2.1-1 evolution data backend for beagle
ii poppler-utils 0.4.5-3 PDF utilitites (based on libpopple
-- no debconf information
Tags added: patch
Request was from Justin Pryzby <justinpryzby@users.sourceforge.net>
to control@bugs.debian.org.
(full text, mbox, link).
Reply sent to Jose Carlos Garcia Sogo <jsogo@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to James McCaw <james.mccaw@gmail.com>:
Bug acknowledged by developer.
(full text, mbox, link).
Source: beagle
Source-Version: 0.2.3-1
We believe that the bug you reported is fixed in the latest version of
beagle, which is due to be installed in the Debian FTP archive:
beagle-backend-evolution_0.2.3-1_all.deb
to pool/main/b/beagle/beagle-backend-evolution_0.2.3-1_all.deb
beagle-dev_0.2.3-1_i386.deb
to pool/main/b/beagle/beagle-dev_0.2.3-1_i386.deb
beagle_0.2.3-1.diff.gz
to pool/main/b/beagle/beagle_0.2.3-1.diff.gz
beagle_0.2.3-1.dsc
to pool/main/b/beagle/beagle_0.2.3-1.dsc
beagle_0.2.3-1_i386.deb
to pool/main/b/beagle/beagle_0.2.3-1_i386.deb
beagle_0.2.3.orig.tar.gz
to pool/main/b/beagle/beagle_0.2.3.orig.tar.gz
libbeagle0_0.2.3-1_i386.deb
to pool/main/b/beagle/libbeagle0_0.2.3-1_i386.deb
python-beagle_0.2.3-1_i386.deb
to pool/main/b/beagle/python-beagle_0.2.3-1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 357392@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jose Carlos Garcia Sogo <jsogo@debian.org> (supplier of updated beagle package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 19 Mar 2006 17:20:49 +0100
Source: beagle
Binary: beagle python-beagle beagle-dev beagle-backend-evolution libbeagle0
Architecture: source i386 all
Version: 0.2.3-1
Distribution: unstable
Urgency: low
Maintainer: Jose Carlos Garcia Sogo <jsogo@debian.org>
Changed-By: Jose Carlos Garcia Sogo <jsogo@debian.org>
Description:
beagle - indexing and search tool for your personal data
beagle-backend-evolution - evolution data backend for beagle
beagle-dev - library for accessing beagle (development files)
libbeagle0 - library for accessing beagle (development files)
python-beagle - python bindings for beagle
Closes: 341387355831356732357102357392
Changes:
beagle (0.2.3-1) unstable; urgency=low
.
* New upstream release.
* debian/patches:
+ beagle-status_watch: don't check for local beagle-info (Closes: #357392)
* debian/beagle.dirs:
+ create /usr/share/doc/beagle/mozilla-extension in order to install
there beagle.xpi file for mozilla extension. (Closes: #357102)
* debian/control:
+ make beagle bin package to depend on gnome-icon-theme (Closes: #355831)
* relibtoolize.dpatch:
+ remake configure script to avoid checking for libxt (Closes: #356732)
* README.Debian:
+ state that XFS and JFS has extended attributes enabled by default.
Thanks to Jesper Louis Andersen for pointing me this.
+ talk about BEAGLE_STORAGE option, which will allows to change default
path for storing index files. (Closes: #341387)
Files:
80bcefcf1a51c42837b8c4f203bdcafe 1022 gnome optional beagle_0.2.3-1.dsc
061e973f7b7ce3daf4613b1a11eecdad 1703932 gnome optional beagle_0.2.3.orig.tar.gz
f0821a20d515cb081f0249f158c49436 16246 gnome optional beagle_0.2.3-1.diff.gz
b78e17ba6edf25b11ce59f84c736af12 1334698 gnome optional beagle_0.2.3-1_i386.deb
d12c515afea712969e4f8a2e4f1af2dd 57766 gnome optional beagle-backend-evolution_0.2.3-1_all.deb
140d4c3876f43f7b0377d9ddeb5b0a5d 54742 gnome optional libbeagle0_0.2.3-1_i386.deb
cefc0377588b56afc9931f38d1e6d8b0 68572 gnome optional beagle-dev_0.2.3-1_i386.deb
0a83a6637812293818830a7e7a8b626a 41336 gnome optional python-beagle_0.2.3-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEHb1fS+BYJZB4jhERAm6eAJ499W7Xq4K6Cz5odGeLYSCDE/ZDxQCggt4a
FgYqn4N0aXFpUe0S83BZBwE=
=nbZb
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 27 Jun 2007 04:09:04 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.